Forum logs for 12 Apr 2018

Monday, 16 March, Year 12 d.Tr.
asciilifeform: !!up britknee [00:16]
deedbot: britknee voiced for 30 minutes. [00:16]
mircea_popescu: hm ? [00:18]
britknee: Hello [00:19]
mircea_popescu: hi britknee [00:19]
britknee: Hey dear, I believe you are the one I was told to speak with [00:19]
britknee: MP [00:19]
mircea_popescu: yes ? [00:19]
britknee: Something about random numbers and breast [00:20]
mircea_popescu: you here to show your tits ? [00:20]
britknee: Yup! [00:20]
mircea_popescu: so then why not say so [00:20]
mircea_popescu: 23df00b4 [00:20]
britknee: Sorry, I didn't know it was out in the open [Xi] [00:20]
britknee: Neat, let me find something to write with. [00:21]
mircea_popescu: and in other logs, "CL-Feed-Parser/0.0.00 (SBCL 1.4.5 Linux" [00:24]
ckang: !!up sashahsas [00:25]
deedbot: sashahsas voiced for 30 minutes. [00:25]
ckang: sashahsas was too but she is @ work, told me she could sneak off and do it though [00:25]
mircea_popescu: lol. best kind! [00:26]
ckang: yea it just may take her a minute to do it depending on whats going on [00:27]
sashahsas: Hey ckang [00:28]
sashahsas: Hi mircea_popescu [00:28]
mircea_popescu: how's work ? [00:28]
mircea_popescu: sashahsas 1ba61222 [00:29]
sashahsas: Intermittent, had a break to check phone though now. [00:29]
sashahsas: Should have 10 minutes here soon though. [00:29]
mircea_popescu: cool. [00:30]
ben_vulpes: dear #trilema is we is an apache prefork club for mod_php? [00:52]
* ben_vulpes entirely at sea with this [00:52]
mircea_popescu: hm ? [00:52]
mircea_popescu: aand in other imperial wunderwaffen, https://www.youtube.com/watch?v=Uh2ChGFrceM [00:53]
ben_vulpes: there are a few threading models in apache as i understand it, prefork, worker and event [00:54]
mircea_popescu: i use workers. [00:55]
ben_vulpes: mmk [00:55]
ben_vulpes: thanks mircea_popescu [00:55]
mircea_popescu: !!up sashahsas [01:00]
deedbot: sashahsas voiced for 30 minutes. [01:00]
mircea_popescu: !!up britknee [01:00]
deedbot: britknee voiced for 30 minutes. [01:00]
sashahsas: https://usercontent.irccloud-cdn.com/file/T9rgXuh5/image.png [01:04]
douchebag: oooh [01:06]
mircea_popescu: !!up sashahsas [01:35]
deedbot: sashahsas voiced for 30 minutes. [01:35]
sashahsas: Hey [01:35]
mircea_popescu: heya. [01:35]
mircea_popescu: !!pay sashahsas 0.02 [01:35]
deedbot: Get your OTP: http://p.bvulpes.com/pastes/NiS7a/?raw=true [01:35]
mircea_popescu: what do you work, anyway ? [01:35]
sashahsas: Hows it going? Have a few minutes here while I finish eating [01:35]
sashahsas: Hotel, front desk manager [01:36]
mircea_popescu: haha nice. [01:36]
sashahsas: Boring lol [01:36]
sashahsas: But I enjoy the calm [01:36]
mircea_popescu: one of my slavegirls used to work that actually [01:36]
mircea_popescu: in a prior life. [01:36]
sashahsas: Slave girls? [01:36]
sashahsas: Tell me more [01:36]
mircea_popescu: well... here, let's show instead http://trilema.com/2018/the-snows-of-ten-years-ago-almost/ [01:37]
ben_vulpes: okay now for the next wtf: phpinfo returns instantly, i can open a database connection from php and query for the number of tables, but when i use the mp-wp index.php shit slows to a 2.7 second crawl [01:43]
ben_vulpes: i must actually be too thick to configure an mpwp lamp stack. [01:45]
mircea_popescu: bizarre. [01:45]
mircea_popescu: how do you measure the 2.7 second ? [01:46]
ben_vulpes: moreover i got the same behavior out of the php_fpm and proxy setup last night, but had trouble believing my eyes. now i've reproduced it with mod_php and am just as baffled. [01:46]
ben_vulpes: time curl -H 'Host: vantucky' localhost [01:46]
mircea_popescu: does it take just as long for a dummy index.html ? [01:47]
ben_vulpes: .07s to serve robots.txt, .011s to serve phpinfo, .011s to serve phpinfo with a db connection and query [01:48]
mircea_popescu: this is nutty. [01:48]
ben_vulpes: 2.7 to serve the index.php from my copy of mp-wp [01:49]
mircea_popescu: do you have an usable outside url ? [01:50]
ben_vulpes: stick 161.0.121.247 vantucky into your /etc/hosts and curl it on port 800 [01:51]
ben_vulpes: try phpinfo.php and then index.php [01:52]
mircea_popescu: something that can go into eg https://tools.pingdom.com/ [01:52]
ben_vulpes: hmno [01:52]
mircea_popescu: well, is this 2.7 s to first byte ? or total page load ? [01:52]
ben_vulpes: .0003 ttfb in both cases [01:55]
ben_vulpes: per time curl -H 'Host: vantucky' -s -w "Connect: %{time_connect} TTFB: %{time_starttransfer} Total time: %{time_total} \n" localhost:800/phpinfo.php -o /dev/null [01:55]
mircea_popescu: ok so then, you don't have an apache problem. [01:56]
mircea_popescu: is your mp-wp install depending on eg a theme you don't have referencing images that don't exist or w/e ? [01:56]
ben_vulpes: hmmm [01:56]
mircea_popescu: because that'd add a timeout [01:56]
mircea_popescu: ah, lol. are you referencing the mp-wp as "localhost:800/whatever/index.php" ? [01:57]
ben_vulpes: yeah :( [01:58]
mircea_popescu: item doesn't work that way [01:58]
mircea_popescu: it must know its own address either put it in normally or else i guess edit wp-settings.php to contain your nutty self-reference [01:58]
ben_vulpes: oh fuckin gross [01:58]
mircea_popescu: that's what's going on, it tries to find itself and waits for timeout. [01:58]
ben_vulpes: standby one [01:59]
ben_vulpes: emplaced, but 2.4s and .0003 ttfb [02:04]
mircea_popescu: i don't believe it's either apache or mysql. i expect is unhappy interaction between your ad-hoc dns mapping and mp-wp. [02:05]
mircea_popescu: !!up sashahsas [02:05]
deedbot: sashahsas voiced for 30 minutes. [02:05]
ben_vulpes: mircea_popescu: as in actually trying to talk to itself over http? [02:06]
mircea_popescu: yup. [02:07]
mircea_popescu: i don't even know that it knows what a port is or what to do with the colon. [02:07]
ben_vulpes: well it successfully redirects me to the index and the admin login page now when using a consumer browser not that that's much of an indicator that things aren't deeply fucked within [02:08]
mircea_popescu: the whole story is whether it waits for a timeout somewhere. [02:08]
sashahsas: Hey sorry, had a coworker come up and had to put my phone down. [02:10]
mircea_popescu: lol. [02:11]
mircea_popescu: !!rate sashahsas 1 receptionislut. [02:11]
deedbot: Get your OTP: http://p.bvulpes.com/pastes/sqey4/?raw=true [02:11]
sashahsas: Its a pet peeve of mine, talking to someone and them looking at their phone. [02:11]
mircea_popescu: srsly. [02:11]
sashahsas: So many people do it though unfortunately these days. [02:11]
mircea_popescu: i don't hang out with them. [02:12]
sashahsas: Some can navigate the entire city looking at a phone screen lol [02:12]
mircea_popescu: so are you typing all this on a phone keyboard ?! [02:12]
sashahsas: Cell [02:13]
sashahsas: Yup [02:13]
mircea_popescu: i admire your dedication to this craft. [02:13]
mircea_popescu: i'm generally livid after trying three words. [02:13]
sashahsas: The right keyboard helps a lot with predictive text [02:14]
mircea_popescu: my text is impredictible. [02:14]
sashahsas: [Xii] [02:14]
mircea_popescu: sashahsas so what's the best palindrome you know ? [02:16]
trinque: ben_vulpes: vantucky << I can see it [02:17]
sashahsas: Hmm, that is an actual work? Racecar [02:17]
mircea_popescu: sashahsas : a man, a plan, a canal : panama! [02:17]
sashahsas: sashahsas wouldn't count [02:18]
ben_vulpes: trinque: yeah but i doubt you see it in a reasonable timeframe [02:18]
trinque: nah I mean the place [02:18]
mircea_popescu: trinque is this some inside joke i'm missing ? [02:19]
trinque: ben_vulpes lives in the john deere part of pacific nw [02:20]
ben_vulpes: yeeeehaw [02:20]
trinque: this is just the first time I encountered "vantucky" [02:20]
mircea_popescu: sashahsas let's try it this way then : amanap : lanac-anal panama [02:20]
ben_vulpes: omg where is the apache listen port configured asciilifeform [02:21]
sashahsas: Holy crap [02:22]
sashahsas: Anal panama lol [02:22]
mircea_popescu: ben_vulpes why don't you just put it in production and then futz with optimisation, like normal people ? do you not know anything about webdev ? [02:22]
ben_vulpes: i am unsure as to how serious you are being. [02:23]
mircea_popescu: sashahsas ok, ok, how about this -- amanap : lanac a nalp a nam a [02:23]
ben_vulpes: ama nap, that sounds good right now [02:23]
mircea_popescu: ben_vulpes i am being serious. [02:23]
sashahsas: That hurts my head trying to see it [02:23]
ben_vulpes: mircea_popescu: 2.7 seconds suxxxxx [02:23]
mircea_popescu: ben_vulpes it's a NALP not a plan, narf! [02:24]
mircea_popescu: i mean a nalp not a nap. [02:24]
ben_vulpes: but also not having .htaccess apparently sucks [02:24]
ben_vulpes: narf narf narf [02:24]
mircea_popescu: sashahsas we here at trilema terrorist republic specialize in headhurting & casse-tete chinois. [02:24]
mircea_popescu: just look how well supplied ben_vulpes is! [02:25]
sashahsas: I need to download a thesaurus or dictionary to understand that sentence I think [02:25]
mircea_popescu: sashahsas you don't speak french ? it's how the frenchies say "puzzle". [02:26]
mircea_popescu: "chinese head-breaker". this makes sense, to them. [02:26]
sashahsas: Beautiful language but no never learned it. French girls always sound so sexy. [02:26]
mircea_popescu: do they come there often ? [02:26]
sashahsas: Nope, just heard them through media, TV, news and such. [02:27]
mircea_popescu: possibly media girls sound sexy. [02:27]
sashahsas: Do real ones not? Lol [02:27]
mircea_popescu: i suppose it depends which. [02:28]
mircea_popescu: the hot ones, most definitely. [02:28]
sashahsas: There is also the Cajun style which is pretty interesting. [02:30]
sashahsas: Creole [02:30]
mircea_popescu: cooking, you mean ? [02:31]
sashahsas: No, Louisiana had a french colony at some point I think. [02:31]
sashahsas: It is some strange english/french hybrid. [02:32]
mircea_popescu: well, it actually WAS a french colony. all of it. [02:32]
mircea_popescu: then monroe bought it, hence "the louisiana purchase" [02:32]
sashahsas: Oh, thats right, I completely forgot about that but the name is familiar. [02:33]
ckang: !!up britknee [02:37]
deedbot: britknee voiced for 30 minutes. [02:37]
britknee: thx luv [02:37]
britknee: https://usercontent.irccloud-cdn.com/file/WeZV21J7/image.jpg [02:38]
mircea_popescu: !!pay britknee 0.02 [02:51]
deedbot: Get your OTP: http://p.bvulpes.com/pastes/IleeY/?raw=true [02:51]
britknee: wow that easy? you want my friends to? lol [02:51]
mircea_popescu: sure lol [02:52]
britknee: i dont know if i can get them on irccloud though is only thing [02:52]
trinque: britknee: it says foob on your boob [02:52]
britknee: lol it does [02:52]
mircea_popescu: it's f00b n00b [02:53]
britknee: is that # random or does it mean anything? [02:53]
ben_vulpes: hanbot must have some special sauce in her mp-wp [02:53]
mircea_popescu: britknee so what do you do for a living anyway ? [02:53]
britknee: bum atm, not homeless but not in school or work [02:53]
mircea_popescu: lol, is it fun ? [02:53]
britknee: it is nice being able to do what i want every day [02:54]
britknee: but being broke isn't so much [02:54]
mircea_popescu: heh. [02:54]
britknee: but i have my friends who would show you their tots ! [02:55]
ben_vulpes: http://p.bvulpes.com/pastes/OaPnf/?raw=true [02:55]
mircea_popescu: ben_vulpes lmao she smokes ya [02:56]
britknee: i do not! [02:56]
mircea_popescu: see, THAT is exactly typical and properly working. [02:56]
mircea_popescu: britknee no i don't mean you, i mean hanbot. [02:56]
britknee: o lol [02:56]
ben_vulpes: ain't all about you sweetie [02:56]
mircea_popescu: lol. [02:57]
britknee: y not [Xiii] lol [02:57]
britknee: jk [02:57]
mircea_popescu: speaking of friends, do you have any super talented cartoon artist friends ? [02:57]
mircea_popescu: anyway ben_vulpes here's where you thank me profusely for having saved you dicking about with entirely nonbroken stacks for an alfternity. [02:58]
britknee: most of my friends are pretty talentless, one can sign but the rest, nothing special i know of [02:58]
britknee: sing* [02:58]
mircea_popescu: britknee with friends like that no wonder you're broke! [02:58]
ben_vulpes: mircea_popescu: thank you so very very much. [02:59]
britknee: ikr [02:59]
mircea_popescu: you're welcome! [02:59]
britknee: they are all good ppl though who would do anything they could to help me or each other [02:59]
britknee: that i appreciate [02:59]
ben_vulpes: i am still flabbergasted that it takes apache 2.7 seconds to render what nginx can do with the fpm pool in a tenth of a second. [03:00]
ben_vulpes: http://logs.bvulpes.com/pizarro?d=2018-4-12#331710 [03:00]
mimisbrunnr: Logged on 2018-04-12 06:49 ben_vulpes: hanbot danielpbarron: apache with mod_php is, sadly, much slower than the nginx setup we've had until now. however now we can move forward with getting your .htaccess files set up and uploads and such. i'm going to knock off for now but please let me know how i can support your mp-wp projects next. [03:00]
mircea_popescu: it has nothing to do with apache let everyone who isn't hanbot fix their mp-wp [03:00]
mircea_popescu: ideally by getting her genesis pressed once she puts it out. [03:01]
ben_vulpes: mircea_popescu: nginx can serve hanbots in .01s, not the .6 of apache [03:01]
mircea_popescu: yaya. until there's some load on it. [03:01]
ben_vulpes: you put those goalposts back [03:01]
ben_vulpes: but i see i see. [03:01]
mircea_popescu: heh. mkay, spherical chickens ftw. [03:02]
mircea_popescu: ben_vulpes do you realise the 0.5 is measured through dns and all that ? did you do same with nginx ? [03:02]
ben_vulpes: .126s without dns [03:03]
trinque: somewhere a star printer screeches with the sound of titties. [03:03]
* trinque will get to these tomorrow, girls [03:03]
mircea_popescu: http://trilema.com/2014/ill-pay-for-your-tits/ << and updated with the largest single day slutcrop yet! [03:08]
mircea_popescu: !!up sashahsas [03:08]
deedbot: sashahsas voiced for 30 minutes. [03:08]
mircea_popescu: !!up britknee [03:08]
deedbot: britknee voiced for 30 minutes. [03:08]
mircea_popescu: so, any great stories ? [03:08]
britknee: i feel smarter having read all the stuff above but still have no clue what it means lol [03:09]
ben_vulpes: awww shit reaction engines limited bezzled boeing and rolls-royce into pouring another pile of bezzlars into the sabre engine [03:12]
mircea_popescu: ugh [03:13]
mircea_popescu: say what ? [03:13]
ben_vulpes: buncha british poofs have a magical ambient-air-breathing-theoretically-up-to-mach-5 rocket engine system [03:14]
mircea_popescu: orly ? [03:14]
ben_vulpes: yeah, they did some really impressive work with fine pipe drawing for the intercooler, and some Black Fucking Magic to keep hell from freezing over [03:15]
ben_vulpes: basic principle is to dump the heat from intake into the onboard lh2 supply, boil a bit off to turn the pumps, and then cut over to internal supplies once out of the atmosphere. [03:16]
* ben_vulpes secretly holds out hope for ssto [03:17]
mircea_popescu: this magical heat exchanger getting air to -150 should be interesting. [03:17]
ben_vulpes: why would the intake stream have to get that cold? [03:18]
mircea_popescu: this is what they spec. [03:18]
ben_vulpes: ah there it is [03:19]
ben_vulpes: black magic, i tell you. cold-fusion grade bezzle. [03:19]
ben_vulpes: http://p.bvulpes.com/pastes/EadTe/?raw=true << either star trek smoke and mirrors or the stuff of boyhood dreams (sabre anti freeze) [03:29]
ben_vulpes: 2015, btw, aviationweek http://aviationweek.com/space/reaction-engines-reveals-secret-sabre-frost-control-technology [03:30]
mircea_popescu: really, 3d printed thin nozzles ? [03:32]
mircea_popescu: gimme a break. [03:32]
ckang: cant get behind all this 3d printer fanboy stuff, its just not a good substrate with the current materials for anything you want to last somewhat longterm [04:31]
ckang: granted im sure things are progressing, but its hard to outperform something from a billet of aluminum [04:33]
* ckang loves well machined aluminum part & high speed milling vids [04:34]
spyked: http://trilema.com/forum-logs-for-19-aug-2017#2326280 <-- /me now wonders whether e.g. http://trilema.com/forum-logs-for-19-aug-2017#2326280 could have been "illuminated" in any other way than through whipping. it is what it is, isn't it? [05:38]
a111: Logged on 2017-08-19 18:25 mircea_popescu: are you aware i think your "formal" model is a piece of shit from paragraph one ? [05:38]
spyked: ^ was in re http://btcbase.org/log/2018-04-12#1796675 [05:38]
a111: Logged on 2018-04-12 01:31 mircea_popescu: spyked but why would it be difficult in that way ? [05:38]
spyked: http://btcbase.org/log/2018-04-12#1796749 <-- that's probably my thing, I've been playing with it for the last two weeks or so, I have it in a loop grabbing feeds from republican blogs. [05:42]
a111: Logged on 2018-04-12 04:24 mircea_popescu: and in other logs, "CL-Feed-Parser/0.0.00 (SBCL 1.4.5 Linux" [05:42]
asciilifeform: attn folx : node zoolag is back in service. [10:47]
asciilifeform: aaaand a happy cosmonautics day ( http://www.loper-os.org/?p=854 rerun!11 ) to errybody. [11:00]
asciilifeform: !!up zx2c4 [11:18]
deedbot: zx2c4 voiced for 30 minutes. [11:18]
asciilifeform: zx2c4: hello ? [11:20]
asciilifeform: zx2c4: author of 'wireguard' ? [11:22]
zx2c4: hello. mircea_popescu asked me to come here for two hours to field some questions about wireguard from you all. i'm not very familiar with this channel or the community in it, but i am happy to talk to whomever about wireguard. so let's start the timer now? [11:26]
zx2c4: hi asciilifeform. [11:26]
asciilifeform: zx2c4: it so happens that i have a few q: [11:28]
zx2c4: sure [11:28]
asciilifeform: zx2c4: how did you select the 'noise' protocol ? [11:30]
zx2c4: it's small, minimal, has the flexibility to be exactly what i needed and nothing larger. makes conservative choices. fits into the security model i was aiming for with the implementation properties i was looking for. i was also involved with noise from very early on, so several concerns and needs i had with wireguard got factored into noise. and since noise is a very interesting framework, it's now receiving much needed academic attention in [11:32]
zx2c4: proving it. [11:32]
zx2c4: are you interested in learning about the security properties i had in mind when designing wireguard? [11:33]
asciilifeform: yes [11:33]
zx2c4: wireguard is supposed to be implementable using simple algorithms with as small of a state machine as possible, so that the code size and complexity is kept at a minimum. in otherwords, it aims to be easily auditable so that people can actually read it and feel confident that it doesnt have horrible vulnerabilities. with massive codebases and highly complex designs like openvpn or ipsec, this obviously isnt possible. so with wireguard i was trying [11:34]
zx2c4: to make something that would make this all possible [11:34]
zx2c4: then on top of that i wanted a few nice properties: [11:35]
zx2c4: - silent to unauthorized packets. if you dont know there's a wireguard endpoint there and don't have credentials to talk to it, you can't get it to respond to anything. so, you cant scan for endpoints. this makes it a good thing to put on the outer edge of your network. [11:35]
zx2c4: - no parsers. fixed length fields only. [11:35]
zx2c4: - minimal state machine, as mentioned above, which means 1-RTT: if something goes wrong with a message being dropped, the solution is always to just "start over the protocol", since it's only 1-RTT. this saves amazing amounts of complexity [11:36]
zx2c4: - no dynamic memory allocation. all the memory used by wireguard should be allocated at configuration time, not in response to incoming packets. [11:36]
zx2c4: - denial of service resistance. as mentioned, you should be able to put this on the outer edge of a network [11:37]
asciilifeform: 'silent to unauthorized packets' is a good thing, and some of the folx here, incl. asciilifeform , are working on systems with this property (e.g. http://btcbase.org/log/2015-01-07#967274 ) [11:37]
a111: Logged on 2015-01-07 01:22 asciilifeform: with udp, you can make the 'friend or foe?' decision upon receipt of a single (!) packet. [11:37]
asciilifeform: hence the interest in zx2c4's published item [11:37]
zx2c4: indeed. i guess you could call the property 'stealthiness' [11:37]
zx2c4: - extremely simple configuration interface. short base64 25519 pubkeys you can paste around through any means. simple config files. everything happens on the interface level. [11:38]
zx2c4: - ease of system administration. since its interface-based, things like iptables and whatnot work as you'd expect. [11:38]
asciilifeform: no-dynamic-allocation is also a Good Thing, for instance in my FFA crypto lib ( http://www.loper-os.org/?cat=49 ) this property exists [11:38]
zx2c4: asciilifeform: oh cool. i havent seen this ill take a look [11:38]
asciilifeform: zx2c4: don't go away yet plz. i'd like to ask a few q re your crypto design [11:39]
zx2c4: - the whole cryptokey routing table thing is very important for making things extremely simple. it pairs the identity of a public key with the ip address someone is allowed to be inside the tunnel. no fancy security marks or whatever from ipsec bloat [11:39]
zx2c4: asciilifeform: i agreed to stick around for 2 hours. worry not. :P [11:39]
asciilifeform: zx2c4: why did you select diffie-hellman ? ( vs e.g. rsa ) [11:39]
zx2c4: ive got some more design properties to enumerate if you'd like, but i can answer your direct questions too [11:39]
asciilifeform: zx2c4: carry on, but after that let's come back to DH [11:40]
zx2c4: KEMs like RSA are more complicated to implement in as few round trips as DH-based protocols [11:40]
zx2c4: - wireguard isn't chatty. when you're not sending traffic, it shuts up and you cant tell its there [11:41]
asciilifeform: how's that ? you can encipher a symmetric key in an rsagram , and that's 1 packet. then 1 packet back to ack receipt. neh ? [11:41]
zx2c4: - wireguard doesnt expose any state to the administrator. there's either an interface or there isnt. theres no concept of "connection". with a very simple timer state machine, we're able to completely hide all details from the sender side [11:42]
zx2c4: so for the handshake we want these properties in 1-RTT: [11:42]
asciilifeform: ( i grasp the connectionless scheme , having prototyped a similar item ) [11:42]
zx2c4: - authentication in the first message, so that unauthenticated packets arent replied to, hence ensuring things are stealthy [11:42]
zx2c4: - forward secrecy [11:42]
zx2c4: - [limited/weak] identity hiding [11:43]
zx2c4: - key compromise impersonation resistance [11:43]
asciilifeform: expland please re the latter [11:43]
asciilifeform: *expand [11:43]
zx2c4: - key secrecy resilience when 2 of 4 keys, one from each side, are compromised (out of static initiator, static responder, ephemeral initiator, ephemeral responder) [11:43]
zx2c4: key compromise impersonation is what happens when somebody steals your private key, and then can impersonate anybody else _to_ you [11:44]
asciilifeform: under what circumstances would 2 / 4 be compromised, but not 4 / 4 ? [11:44]
zx2c4: for example, when your static longterm keys are compromised, but the ephemeral keys have not been compromised, since they're erased/renewed every 2 minutes [11:45]
zx2c4: or, conversely, [11:45]
zx2c4: when the RNG is backdoored, the ephemerals are compromised, but not necessarily the statics [11:45]
zx2c4: or some combination of the above [11:45]
asciilifeform: since you mentioned rng : what source of rng does your system use in a typical configuration ? [11:46]
zx2c4: same source as /dev/urandom [11:46]
asciilifeform: urandom ?! [11:46]
zx2c4: in otherwords, the kernel's built-in RNG [11:46]
asciilifeform: prng [11:46]
zx2c4: (i've got a project going on right now to rewrite that actually) [11:46]
zx2c4: yes, csprng [11:46]
zx2c4: which can take entropy from trngs bla bla [11:46]
asciilifeform: at any rate, we can come back to this piece [11:46]
asciilifeform: let's return to DH [11:47]
zx2c4: sure [11:47]
zx2c4: another advantage of DH over RSA is that ECDH allows for really short and sweet keys [11:47]
zx2c4: with relatively simple implementations [11:47]
asciilifeform: !!up zx2c4 [11:48]
deedbot: zx2c4 voiced for 30 minutes. [11:48]
zx2c4: our two x25519 C implementations (32bit and 64bit) are actually generated by theorem proving software, so that we're sure they dont contain any errors [11:48]
asciilifeform: zx2c4: which proving system did you use ? [11:49]
zx2c4: the 64bit one comes from HACL* [11:49]
zx2c4: the 32bit one comes from fiat-crypto [11:49]
zx2c4: fiat-crypto also has a 64bit one, but the HACL* one was faster [11:49]
zx2c4: https://github.com/mitls/hacl-star [11:49]
zx2c4: https://github.com/mit-plv/fiat-crypto [11:49]
zx2c4: HACL* uses F* [11:49]
zx2c4: fiat-crypto uses Coq [11:50]
zx2c4: https://www.fstar-lang.org [11:50]
asciilifeform: let's posit that the proving system itself contains no errors. what classes of error do these systems claim to exclude ? [11:50]
zx2c4: https://coq.inria.fr [11:50]
zx2c4: things like integer overflow, or general arithmetic errors [11:50]
zx2c4: carry bugs [11:51]
zx2c4: also, constant time [11:51]
asciilifeform: how is the latter guaranteed ? [11:51]
asciilifeform: i.e. , if i disasm your .o , will i see 0 conditional jumps ? [11:51]
zx2c4: by only using a limited subset of constructs which are known to be constant time [11:51]
zx2c4: yes, there are no conditional jumps [11:51]
asciilifeform: anywhere ? or in particular routines ? [11:51]
zx2c4: our discussion of HACL* and fiat-crypto pertains to the two C implementations of x25519 [11:52]
zx2c4: ill show you the code [11:52]
zx2c4: it looks... quite strange [11:52]
zx2c4: since its machine generated [11:52]
asciilifeform: out of curiosity, how big is the typical built binary for this library ? ( say, on amd64 ) [11:52]
zx2c4: https://git.zx2c4.com/WireGuard/tree/src/crypto/curve25519-fiat32.h [11:53]
zx2c4: https://git.zx2c4.com/WireGuard/tree/src/crypto/curve25519-hacl64.h [11:53]
asciilifeform: if i want to hand-audit it, say. [11:53]
zx2c4: you mean if you just wanted to hand audit the .o that comes out of this? [11:53]
asciilifeform: correct [11:53]
zx2c4: not very big at all [11:53]
zx2c4: i can check for you one sec [11:53]
asciilifeform: btw zx2c4 , i must regret to inform you that the code you linked, is in fact NOT constant-time on several common architectures, because it makes use of machine MUL instruction ( gcc will compile a nonconstant-operanded '*' to e.g. IMUL on x86 ) [11:54]
asciilifeform: http://btcbase.org/log/2018-02-17#1784243 << see e.g. this discussion. [11:54]
a111: Logged on 2018-02-17 04:22 asciilifeform: mod6: i will share my current hypothesis : all current intels have MUL leakage [11:54]
zx2c4: https://data.zx2c4.com/curve25519-from-hacl-for-asciilifeform.o [11:55]
asciilifeform: ppc, arm7, older intels ( e.g. 486, celeron ), and possibly new intels , all have variant-timed IMUL [11:55]
asciilifeform: 41 kB, notbad [11:56]
zx2c4: https://א.cc/wrlf5K8I voila [11:57]
trinque: wtf? [11:57]
zx2c4: haha deedbot doesnt like utf8 URLs [11:57]
zx2c4: found a vuln! [11:57]
zx2c4: does that entitle me to deedbot btc? [11:57]
trinque: mmnope. [11:57]
shinohai: !~weather [11:57]
jhvh1: stormy with a chance of packeting [11:57]
zx2c4: alas [11:57]
asciilifeform: zx2c4: phf has been fiddling with the thing's uniturd processing of late prolly introduced bug [11:57]
trinque: utf8 works just fine [11:57]
trinque: asciilifeform: phf has been fiddling with deedbot? [11:58]
asciilifeform: aaa lol nm [11:58]
zx2c4: asciilifeform: i haven't been able to observe any non-constant time multiplications on intel in that code [11:58]
zx2c4: if you've found an architecture attack though, please do publicise it. that sounds like it could be some really great security attack work. [11:58]
asciilifeform: zx2c4: to observe it, you will have to hand-emplace rdtsc around it , and run on properly doctored inputs [11:59]
asciilifeform: zx2c4: this particular architectural sadness is not my discovery [11:59]
asciilifeform: it has been common knowledge for some years [11:59]
asciilifeform: discussed, for instance, in https://bearssl.org/ctmul.html [11:59]
asciilifeform: ( complete with list of known-to-be-sad chips ) [11:59]
zx2c4: looks like intel is basically fine? [12:00]
zx2c4: i dont own any via 2000 hardware to test on [12:01]
asciilifeform: zx2c4: most of the currently-sold intels are ok re : imul. arm, however, is not [12:02]
zx2c4: looks like 7T and 9T have issues. nice chart [12:03]
zx2c4: if you're interested in crypto primitives in wireguard in general, i can give you an overview of our implementations. the hacl and fiat code is not the only code we have in there [12:04]
asciilifeform: zx2c4: i've spent the past ~2yrs writing a properly constant-time arithmetic lib. it is being slowly published. ( see earlier link to my www ) [12:04]
asciilifeform: but i have a somewhat different approach, which i call 'fits in head' [12:04]
zx2c4: oh? [12:05]
asciilifeform: !#s fits in head [12:05]
a111: 219 results for "fits in head", http://btcbase.org/log-search?q=fits%20in%20head [12:05]
asciilifeform: ( or see the ffa article series, http://www.loper-os.org/?cat=49 , currently on sabbatical but due to resume after i come back from upcoming biznistrip ) [12:06]
asciilifeform: but let's come back to your product, zx2c4 : [12:06]
zx2c4: project* [12:06]
asciilifeform: project [12:07]
asciilifeform: how did you settle on the use of bernsteinian cryptoprimitives ( e.g. chacha ) ? [12:07]
zx2c4: chachapoly is well understood and is fast on nearly all hardware [12:08]
zx2c4: its also easy to implement and simple [12:08]
zx2c4: aes is also well understood, but is neither easy to implement, simple, nor fast on all hardware [12:08]
asciilifeform: zx2c4: does it bother you that no proof of strength for any symmetric cipher other than otp (e.g. aes, chacha, etc ) exists ? [12:10]
zx2c4: not anymore than other things in cryptography worry me [12:10]
asciilifeform: ( i.e. a reduction to np-hard or for that matter ANY particular complexity class ) [12:10]
zx2c4: things like RSA boil down to number theory problems. but that's in a sense scarier than the set of problems that good block ciphers tend to boil down to. because it means that those primitives have lots of _structure_, and generally structure is something that can be exploited. just look at all the amazing and fantastic attacks on things with structure. so just boiling down to a [currently considered] "hard problem" doesn't provide as much solace [12:12]
zx2c4: as you'd hope [12:12]
asciilifeform: sadly enough, there is not, as of my last look, a proof that rsa reduces to hardness-of-Factoring [12:12]
asciilifeform: so it suffers from similar problem. [12:13]
zx2c4: but even hardness of factoring... how hard is this actually? what number theoretic advances are right around the corner? [12:13]
zx2c4: so anyway, im less concerned about symmetric cryptography than other things [12:13]
asciilifeform: when i ask for 'reduces to nphard', obviously i cannot mean 'factoring', because its hardness is not proven [12:14]
asciilifeform: conceivably factoring is in P. [12:14]
zx2c4: seems like there are many places and interesting ways to optimize at this point. lots of neat creative work coming out. but that with aes and whatnot, we're in a pretty good place in terms of symmetric crypto [12:14]
asciilifeform: several yrs ago i went in search of ~any~ problem that can be shown to have a ~nphard average case~ . and found none. [12:14]
zx2c4: shape packing? [12:15]
asciilifeform: afaik no proof of hard-average-case exists for it [12:15]
zx2c4: interesting [12:15]
asciilifeform: or for anything else. [12:15]
asciilifeform: it's a 1) open problem 2) afaik nobody is publicly working on [12:15]
zx2c4: are you skeptical of djb primitives? wondering with what motivation came that question? [12:16]
asciilifeform: i am skeptical of all symmetric ciphers and hashes, given as there exists no scientific basis for considering any of them to be actually strong. [12:17]
asciilifeform: but of djb's in particular, their sudden popularity in past few yrs also has no satisfying explanation imho. [12:17]
zx2c4: theyre simple and fast on all hardware, and he came up with an api for using them that many developers like to use (the nacl stuff) [12:18]
zx2c4: i'm pretty sure there's no conspiracy [12:18]
asciilifeform: rc4 was also 'simple and fast'... [12:18]
asciilifeform: and rot13 even faster [12:18]
asciilifeform: !!up zx2c4 [12:18]
deedbot: zx2c4 voiced for 30 minutes. [12:18]
zx2c4: i'd be surprised to see all 20 rounds of chacha broken [12:18]
asciilifeform: but to move on from this item : zx2c4 how did you select 'blake2' hashing system ? [12:19]
zx2c4: similar criteria - well understood, simple to implement, fast on nearly all hardware [12:19]
zx2c4: its core is basically chacha -) [12:20]
asciilifeform: md5 was also fast and simple... [12:20]
zx2c4: you know hmac-md5 still isnt broken [12:20]
zx2c4: (noise uses blake with hkdf, which internally uses hmac) [12:21]
zx2c4: blake is also faster than md5 which is nice [12:21]
zx2c4: but anyway, the world has learned quite a bit since md5 [12:21]
zx2c4: blake2 came from blake which went through the sha3 contest as a finalist [12:21]
zx2c4: so it's received quite a bit of scrutiny [12:22]
asciilifeform: i don't see 'not publicly smashed to bits of just yet' as a proof of strength, given as it is true of literally every system ever devised, until the moment of public breakage [12:22]
zx2c4: i dont think hmac-md5 is anywhere near broken, actually. [12:22]
zx2c4: not saying anyone should use it but [12:23]
zx2c4: its in a much better place than just raw md5 [12:23]
asciilifeform: since mentioned scrutiny : on www of 'wireguard', there is mention of 'reviewed by cryptographers' . may i ask, who reviewed ? [12:23]
asciilifeform: are the reviews published somewhere ? [12:23]
zx2c4: the paper was peer reviewed for NDSS'17 [12:23]
asciilifeform: is it on www ? [12:23]
asciilifeform: and the reviews themselves, also ? [12:24]
zx2c4: yea usually there's lots of information on the conference and board and whatnot [12:24]
asciilifeform: happen to have a link handy ? [12:24]
zx2c4: i dont think they post the reviews? except that it was "accepted" to the conference [12:24]
asciilifeform: i'm curious, for instance, whether any of the cryptographers observed that the arithmetical routines behind your ecc are not in fact constant time on e.g. arm. [12:24]
zx2c4: then in the acknowledgement of the paper, a few others are mentioned who reviewed it while it was being written [12:25]
asciilifeform: zx2c4: so it is not possible currently for me to learn , which cryptographers reviewed, and what they had said ? [12:25]
zx2c4: and then since several other colleagues and cryptographers have reviewed the system favorably [12:25]
asciilifeform: any possibility to see who ? [12:25]
zx2c4: i havent compiled a list of Name+WrittenReview. maybe i should do that [12:25]
zx2c4: seems like lots of things these days have testimonials [12:26]
asciilifeform: i'm less interested in 'testimonials', and more in re criticisms [12:26]
zx2c4: ahh [12:26]
mircea_popescu: o hey there zx2c4 [12:26]
asciilifeform: but it so happens that i in particular do not think much of the work of current 'pro cryptographers'. [12:26]
mircea_popescu: !!key zx2c4 [12:26]
deedbot: Not registered. [12:26]
zx2c4: hello mircea_popescu [12:26]
zx2c4: we've been going at it for a while here [12:26]
mircea_popescu: zx2c4 do me a favour and !!register your key [12:26]
zx2c4: i tried registering my key privately to deedbot but it didnt respond [12:26]
zx2c4: ill try it in public here instead [12:26]
mircea_popescu: please do [12:26]
zx2c4: !!register https://www.zx2c4.com/keys/AB9942E6D4A4CFC3412620A749FC7012A5DE03AE.asc [12:27]
asciilifeform: zx2c4: i'ma leave the rest of the session to mircea_popescu , owner of this chan, and my co-author in e.g. the FUCKGOATS auditable trng, https://archive.is/CGQkR ) [12:27]
mircea_popescu: did you two come to blows ? [12:27]
zx2c4: mircea_popescu: no, thought it was quite productive actually [12:27]
asciilifeform: mircea_popescu: lol notyet, i did the 'civilized' thing as you suggested. [12:27]
mircea_popescu: zx2c4 the tls fails i bet. [12:27]
zx2c4: asciilifeform: oh, okay. im happy to keep going though. and if you want to be uncivilized, ill gladly accept any harshness you want to throw my way. i dont scare easily [12:28]
zx2c4: !!register http://keyserver.ubuntu.com:11371/pks/lookup?op=get&search=0xAB9942E6D4A4CFC3412620A749FC7012A5DE03AE [12:29]
deedbot: AB9942E6D4A4CFC3412620A749FC7012A5DE03AE registered as zx2c4. [12:29]
mircea_popescu: win. [12:29]
mircea_popescu: !!rate zx2c4 1 j. a. donenfeld, wireguard guy. [12:30]
deedbot: Get your OTP: http://p.bvulpes.com/pastes/HxKbS/?raw=true [12:30]
mircea_popescu: !!pay zx2c4 1 [12:30]
deedbot: Get your OTP: http://p.bvulpes.com/pastes/94ISz/?raw=true [12:30]
mircea_popescu: zx2c4 you understand how the logs work btw ? [12:30]
zx2c4: no, not at all. im also not quite sure what to do with these pgp encrypted blobs i cant decrypt [12:31]
asciilifeform: zx2c4: they're for mircea_popescu to decrypt it makes the command go. [12:31]
zx2c4: oh, gotcha [12:31]
mircea_popescu: they are not for you they are for me. deedbot works an otp verification model -- you tell it to do whatever you want, it asks you to prove you own the key, if you do it does it. [12:31]
zx2c4: makes more sense [12:31]
asciilifeform: zx2c4: he just threw a whole bitcoin into your piggy. [12:31]
zx2c4: horrah! thanks [12:32]
asciilifeform: zx2c4: which you can withdraw using deedbot at your leisure [12:32]
mircea_popescu: now let's look at the logs : [12:32]
mircea_popescu: http://btcbase.org/log/2018-04-12#1797221 [12:32]
a111: Logged on 2018-04-12 16:32 mircea_popescu: now let's look at the logs : [12:32]
mircea_popescu: you can click the link and see a website-based story of the log the bot also reads the line referenced in conversation. [12:32]
zx2c4: if you guys wind up using wireguard for part of your infra and want to support wireguard for a year, i'm always looking for large donations, etc. not sure if that's what deedbot is for exactly but that would be quite the nice deed [12:33]
mircea_popescu: this is a lot more than meets the eye because it actually restructures conversations into a tree. things here have a depth not encountered anywhere else. [12:33]
zx2c4: interesting [12:33]
mircea_popescu: the deed in deedbot comes from the republican system for registration of deeds. think of it as your county clerk, you can go to him to register your wedding or business or w/e. [12:33]
zx2c4: O_o [12:34]
zx2c4: neat [12:34]
mircea_popescu: http://deedbot.org/ << on deedbot you can register any arbitrary item it keeps a record that indeed your signature did so and it marks the time, through inclusion in the bitcoin blockchain [12:34]
mircea_popescu: so it permits indefeasible record of deeds something the fiat sovereigns have not yet managed. [12:34]
zx2c4: !!withdraw 1 1ASnTs4UjXKR8tHnLi9yG42n42hbFYV2um [12:35]
zx2c4: lets see if that works [12:35]
deedbot: Get your OTP: http://p.bvulpes.com/pastes/ApNfb/?raw=true [12:35]
zx2c4: im guessing deedbot will send me a otp now [12:35]
zx2c4: voila [12:35]
mircea_popescu: zx2c4 mind that transfers are not instantaneous. [12:35]
mircea_popescu: so it may need a few. [12:35]
mircea_popescu: there's also !!balance and !!ledger, and besides [12:35]
mircea_popescu: !!help [12:35]
deedbot: http://deedbot.org/help.html [12:35]
zx2c4: !!v 613368773AD31E2D4F1A68F8F740BE5AE18F5C46924FB8C9C3CC2084E52C6D4D [12:36]
mircea_popescu: !!rate ckang 2 diplomatic agent o.O [12:36]
deedbot: Get your OTP: http://p.bvulpes.com/pastes/JHIsH/?raw=true [12:36]
zx2c4: i wonder if that verification worked i just posted [12:36]
mircea_popescu: i think if you have not enough in your wallet it drops it silently and if the payment's not processed yet you might have nothing in your wallet yet. [12:37]
zx2c4: interesting [12:37]
zx2c4: well, feel free to keep filling up my wallet, say, with thousands of coins O_o [12:37]
mircea_popescu: lol. [12:38]
mircea_popescu: http://btcbase.org/log/2018-04-12#1796973 << ahaha jesus christ check him out, he gets it natively! [12:39]
a111: Logged on 2018-04-12 08:31 ckang: cant get behind all this 3d printer fanboy stuff, its just not a good substrate with the current materials for anything you want to last somewhat longterm [12:39]
mircea_popescu: http://btcbase.org/log/2018-04-12#1796974 << yes dood, sintering is a joak in terms of material strength and high performance generally. [12:39]
a111: Logged on 2018-04-12 08:33 ckang: granted im sure things are progressing, but its hard to outperform something from a billet of aluminum [12:39]
mircea_popescu: speaking of which and ben_vulpes boyhood dreams, ssto and so on : i dreamt last night that someone actually managed to create that true wunderwaffen material, the composite/ceramic with higher tensile strength than steel, but negligible caloric conductivity. making some iiiincredible jet engines. [12:40]
mircea_popescu: http://btcbase.org/log/2018-04-12#1796976 << you know me. he doesn't know you. this makes all the difference in the world -- i can whip my slavegirls into shape because they ~love me~. people without this benefit are stuck going at snail speed, which is why "education" in the unsexualized way it's implemented publicly does not work. it couldn't fucking work. [12:42]
a111: Logged on 2018-04-12 09:38 spyked: http://trilema.com/forum-logs-for-19-aug-2017#2326280 <-- /me now wonders whether e.g. http://trilema.com/forum-logs-for-19-aug-2017#2326280 could have been "illuminated" in any other way than through whipping. it is what it is, isn't it? [12:42]
mircea_popescu: http://btcbase.org/log/2018-04-12#1796980 << sweet! [12:42]
a111: Logged on 2018-04-12 09:42 spyked: http://btcbase.org/log/2018-04-12#1796749 <-- that's probably my thing, I've been playing with it for the last two weeks or so, I have it in a loop grabbing feeds from republican blogs. [12:42]
* asciilifeform has 1 more q for zx2c4 , after mircea_popescu finishes [12:43]
zx2c4: well im still around here for another half hour or so, so feel free to lob anything more at me [12:43]
zx2c4: oh good, okay [12:43]
mircea_popescu: asciilifeform by all means, go ahead. [12:43]
mircea_popescu: i have to read your previous convo. [12:43]
asciilifeform: zx2c4: are you the author of 'noise' protocol ? [12:44]
asciilifeform: ( co-author ? ) [12:44]
asciilifeform: the q , then : why does 'noise' include a null-cipher mode ? [12:44]
zx2c4: Noise is from Trevor Perrin. I've been very involved in contributing to the project though (i mentioned at the end of the specification) [12:44]
zx2c4: a null cipher mode? it doesnt... [12:44]
mircea_popescu: http://btcbase.org/log/2018-04-12#1796991 << let me ask you this then : why do you send an encrypted empty message when heartbeat fails ? [12:44]
a111: Logged on 2018-04-12 15:28 zx2c4: sure [12:44]
mircea_popescu: alf trying to poach my question :D [12:45]
asciilifeform: zx2c4: do i misread ? because in the spec, 'No confidentiality. This payload is sent in cleartext.' ( http://www.noiseprotocol.org/noise.html#message-format section 7.4 ) [12:45]
asciilifeform: seems that it does. [12:45]
zx2c4: oh, that's not quite what that's about [12:46]
zx2c4: noise defines several different handshakes [12:46]
zx2c4: wireguard uses Noise_IKpsk2 [12:46]
zx2c4: which is 1-RTT [12:46]
zx2c4: but there are other noise handshakes [12:46]
mircea_popescu: http://btcbase.org/log/2018-04-12#1797002 << this is fucking grand. i love reading through this list, it's in the vein of "oh my god, check that out, he natively gets it!" [12:46]
a111: Logged on 2018-04-12 15:36 zx2c4: - minimal state machine, as mentioned above, which means 1-RTT: if something goes wrong with a message being dropped, the solution is always to just "start over the protocol", since it's only 1-RTT. this saves amazing amounts of complexity [12:46]
zx2c4: 0-RTT, 1-RTT, 2-RTT, and so forth [12:46]
mircea_popescu: zx2c4 don't break up your sentences in multi lines, we read everything anyway. [12:46]
zx2c4: oh, okay [12:47]
asciilifeform: zx2c4: granted, but it would appear that the orig spec of 'noise' permits null-ciphering, just like the nsa-authored ssl/tls. [12:47]
asciilifeform: this does not bother you ? [12:47]
asciilifeform: ( see also http://btcbase.org/log/2018-04-11#1796297 ) [12:47]
a111: Logged on 2018-04-11 16:11 asciilifeform: mircea_popescu: picture if the selector on kalash had a 'fires backwards' position. [12:47]
zx2c4: noise defines several different handshakes. wireguard uses Noise_IKpsk2, which is 1-RTT. But there are other noise handshakes, some of which are 0-RTT, 1-RTT, 2-RTT, 1.5-RTT, and so forth. each handshake message can optionally contain a payload -- to contain things like, say, certificates or other data. the question is at which stage of the handshake do you use the payload parameter? if you do it too early in some, you get zero confidentiality. so [12:48]
zx2c4: this is spelled out explicitly in the section you mentioned [12:48]
zx2c4: but there's certainly not any "null-ciphering" and this is only a misunderstanding of what the specification says [12:48]
asciilifeform: i understand the bare fact, zx2c4 . my question is, why do you think the protocol author permitted an unsecured mode as a valid mode of operation ? [12:48]
asciilifeform: what's the justification, for permitting it at all [12:48]
asciilifeform: !!up zx2c4 [12:48]
deedbot: zx2c4 voiced for 30 minutes. [12:48]
zx2c4: its not an "unsecured mode" because this isnt a "mode" [12:49]
mircea_popescu: zx2c4 you can voice yourself (permanently) by saying !!up to deedbot saves us the trouble. [12:49]
asciilifeform: it appears to be a valid state of the state machine. else why would it be mentioned in the spec. [12:49]
zx2c4: !!up [12:49]
deedbot: Get your OTP: http://p.bvulpes.com/pastes/LgTad/?raw=true [12:49]
zx2c4: !!v CFFE7CEB6795F523B137AA9A9B0C8A20024FF0EED10EEF7C649C81591CF9DDE1 [12:49]
deedbot: You are now voiced in #trilema [12:49]
asciilifeform: zx2c4: generally you will say !!up to deedbot in pm [12:49]
asciilifeform: ( when initially connected to fleanode ) [12:49]
zx2c4: sorry, new here -) [12:49]
mircea_popescu: dun worry. [12:49]
mircea_popescu: asciilifeform seems to me the case to be, that they defined a matrix, and then implemented all the cells, and fuck you if you pick a dumb cell. [12:50]
zx2c4: there are valid use cases of sending information in the clear in the payload parameter. for example, perhaps you want to use it to advertise which aspects of the protocol are valid for subsequent messages. or you want to send a certificate along to authenticate yourself. the payload parameter certainly shouldnt be confused with transport messages, which are what are allowed after the handshake completes [12:50]
mircea_popescu: the ready argument for doing it this way is simplicity. [12:50]
zx2c4: this is not the case of the "null mode" in IPsec, which is obviously a complete disaster with no good justification [12:51]
asciilifeform: mircea_popescu: what i see is, the cell is there, but there is no indication that it is connected , as it ought to be, to red lights, siren, and dropping of reactor moderator rods [12:51]
mircea_popescu: they saved on the loc. [12:51]
asciilifeform: lol [12:51]
zx2c4: its not about LoC either. [12:51]
mircea_popescu: zx2c4 for the public record, make the "this is not the case" distinction plain. [12:51]
mircea_popescu: how is it not the same thing ? [12:52]
zx2c4: because IPsec's null cipher mode is for transport data. what youre asking about with 7.4 is the payload parameter of the handshake messages [12:52]
zx2c4: one thing to keep in mind is that Noise isn't a single ready-made protocol for every application designer to take. its instead a protocol framework for protocol designers to use. knowing explicitly what the payload param gives you in each message is really important, so that you dont screw up and put your stuff somewhere it shouldnt be. there are legitimate protocol use cases for using the payload parameter early on during the handshake. its [12:53]
zx2c4: important to then know what level of confidentiality you get there [12:53]
mircea_popescu: so in no case a dizzy operator could naively set up noise 7.4 so as to send his payloads in plaintext. [12:53]
mircea_popescu: this is principally enforced by dizzy operators not touching the framework in the first place, but only given implementations of it. [12:54]
zx2c4: pretty unlikely that somebody would design a protocol inadvertently that way [12:54]
mircea_popescu: right. [12:54]
zx2c4: which is why trevor explicitly spells it out [12:54]
mircea_popescu: ok, now to my bit : poach [12:54]
zx2c4: i remember asking for this on the mailing list at some point [12:54]
mircea_popescu: oops . i mean : http://btcbase.org/log/2018-04-12#1797270 [12:54]
a111: Logged on 2018-04-12 16:44 mircea_popescu: http://btcbase.org/log/2018-04-12#1796991 << let me ask you this then : why do you send an encrypted empty message when heartbeat fails ? [12:54]
asciilifeform: ( alternatively, how many bits do i need to flip in an otherwise correctly configured box, to set a 'noise' cipherer, into null mode ? ) [12:54]
zx2c4: also, btw, when you're not using the payload parameter in a message, it's just set to empty, because the authentication tag used by it is still important for the protocol. [12:54]
mircea_popescu: asciilifeform he can't answer that, because it'd be implementation dependent. [12:55]
asciilifeform: fair'nuff [12:55]
mircea_popescu: zx2c4 the fundamental problem with "set to empty" is that ciphers can be and many are vulnerable to this, as a particular case of "known plaintext" [12:55]
zx2c4: empty message when heartbeat fails? huh? [12:55]
mircea_popescu: let me quote your exact line. [12:55]
mircea_popescu: "If a packet has been received from a given peer, but we have not sent one back to the given peer in KEEPALIVE ms, we send an empty packet." << [12:56]
zx2c4: oh. good question [12:56]
mircea_popescu: i can't use the trilema-style url-reference (here's an example : http://trilema.com/2018/boboban/#selection-47.0-47.10 ) because you don't have implemented. but it's from the /protocol page [12:56]
zx2c4: every time i send you something, i expect to hear back from you. if i dont hear back from you, then something bad has happened, and i should start over with a new handshake. my way of hearing back to you might be in the natural sense -- i send a TCP SYN, you send me back a TCP ACK -- or it might be the case that you actually just have nothing to send back to me. you got my message just fine, but really just cant think of anything to say back to me. [12:58]
zx2c4: in this case, its important that you send me a keepalive, so that i know you at least got it. however, these keepalives arent persistent. if subsequently, i have nothing more to say to you, then we both go silent and dont say anything. [12:58]
mircea_popescu: this far we agree. [12:59]
mircea_popescu: now, why is the thing you send an empty message ? [12:59]
zx2c4: because all i need is the valid authtag/nonce. i dont have any actual content to put in there [13:00]
zx2c4: (usually said messages contain an IP packet) [13:00]
mircea_popescu: so it is not "empty" in the sense of "" it is empty in the sense of the payload being null, but the actual message is in fact a nonce and some tags anyway. [13:00]
zx2c4: yea. the plaintext is empty. but the ciphertext is not, since it's authenticated [13:00]
zx2c4: in other words, the empty plaintext is still a valid value to be authenticated-encrypted [13:01]
mircea_popescu: can you off the top of your head give me a dummy example of such ? [13:01]
asciilifeform: zx2c4: it would appear that you have a known-plaintext though [13:01]
asciilifeform: in such a message [13:01]
mircea_popescu: asciilifeform depends on how he makes the nonce. [13:01]
asciilifeform: right [13:01]
zx2c4: im not seeing the vulnerability youre speaking about [13:01]
zx2c4: normally when you encrypt a message of 32 bytes, you get 32 bytes of cipher text + 16 bytes of authentication tag [13:02]
mircea_popescu: zx2c4 here's a simple alternative to consider : would you agree the assemblage would be more secure if instead of sending a null payload you sent a random string ? [13:02]
asciilifeform: mircea_popescu do you have a link to the famous penguin handy ? [13:02]
zx2c4: when you encrypt a message of 0 bytes, you get 0 bytes of ciphertext + 16 bytes of authentication tag [13:02]
mircea_popescu: right. [13:02]
mircea_popescu: and if i encrypt 8 bytes, what do i get ? [13:02]
zx2c4: no, i dont think sending a random string would make it more secure [13:02]
zx2c4: normally 8+16 (though wireguard pads to nearest 16) [13:02]
mircea_popescu: and if my slut eve in the other room is listening in, she can distinguish the case where i sent 0 from the case where i sent 8 ? [13:03]
zx2c4: thats right. the padding only happens in multiples of 16 [13:03]
mircea_popescu: so wouldn't it make sense for me to send 8 whether i have anything to say or not ? [13:03]
zx2c4: so you can do traffic analysis on 16 byte chunks [13:03]
zx2c4: why? [13:04]
mircea_popescu: so that eve can't distinguish silent keepalive from actual convo ? [13:04]
zx2c4: what do you get by knowing from inference that it's a keepalive? [13:04]
zx2c4: what is the attack here? [13:04]
mircea_popescu: why am i held to explain how a protocol breach can be elevated to arbitrary height ? the attacker FIND SOMETHING [13:04]
zx2c4: there _are_ attacks, on say voice compression algorithms, which can gather some information from having precise sizes alone, which is why things are padded to nearest 16. but i dont see what would be gathered by what youre suggesting [13:05]
asciilifeform: zx2c4: speaking in general of symmetric ciphers -- a known-plaintext instance anywhere in the stream, or even a means of narrowing down possible plaintext, makes for considerably cheaper break [13:05]
mircea_popescu: well, for instance, if i know six nodes in your network and know asciilifeform uses at most two, and i see those are not transmitting, i know he's asleep and send the titassassins. [13:05]
zx2c4: mircea_popescu: an attacker can also distinguish between a length 15 message and a length 31 message. i still maintain this doesnt give an attacker anything useful [13:05]
mircea_popescu: that may be, but we're discussing the 0 case. [13:05]
mircea_popescu: because i can turn a 31 message into two 15 messages or back but i can't turn 0 messages into anything else. [13:06]
zx2c4: you might be misunderstanding. when nothing is being sent at all, keepalives arent sent. simply no packets are sent [13:06]
mircea_popescu: this is the problem : you introduce a categorical breach with this system. [13:06]
mircea_popescu: zx2c4 suppose he is sending keepalives, what. [13:06]
zx2c4: then those keepalives are in response to some message he received [13:06]
asciilifeform: zx2c4: the distinguishability of keepalives also makes it considerably easier to carry out timing attack on your nonconstanttime ecc engine [13:07]
mircea_popescu: in any case, cryptography comes in two sorts : sort a), known here as "this must be secure, it's so confusing to me", and sort b). the moment you say "i can't see what this gives attacker" you force-shove yourself in group a. it's not your business to know the attacker, that's the whole fundamental philosophy of ciphering, that you do not need to know the attacker. [13:07]
asciilifeform: because i can tell when a particular message has been received and ack'd [13:07]
zx2c4: the ecc is constant time. but anyway the transport layer doesnt use any ecc [13:07]
zx2c4: transport layer is all symmetric crypto [13:07]
asciilifeform: it is demonstrably not constant time, on several popular machines, we went over this [13:07]
mircea_popescu: zx2c4 is this constant time ecc implementation on display somewhere btw ? i don't think i ever saw one before. [13:08]
asciilifeform: mircea_popescu: see log [13:08]
zx2c4: mircea_popescu: see logs [13:08]
mircea_popescu: aok [13:08]
zx2c4: mircea_popescu: padded protocols infoleak in multiples of the padding. you get to see if a given packet elicited a 0 reply, a 16 reply, a 32 reply, a 48 reply, and so forth [13:09]
zx2c4: this may indeed be too large of an infoleak and you'd prefer a different padding scheme like always filling the entire MTU [13:10]
zx2c4: (that way you give nothing, except your mtu) [13:11]
mircea_popescu: yes, that's how we do it. do you happen to be familiar with diana coman's work on the ada impl of rsa/keccak etc ? [13:11]
* zx2c4 shakes head no [13:12]
mircea_popescu: anyway, the point here isn't that padded protocols infoleak in multiples of the padding, the point is that 0 is a special case invariant, and you can never leak a multiple of 0 safely. because, again, a message of arbitrary length n can be presented as m messages of length k but 0 messages can never carry anything. [13:13]
mircea_popescu: http://www.dianacoman.com/2017/12/07/introducing-eucrypt/ << it uses the v system are you familiar with v ? [13:13]
zx2c4: why do you think zero is a special case? [13:15]
zx2c4: i havent seen v [13:15]
zx2c4: what is it? [13:15]
mircea_popescu: one thing at a time : if an attacker observes a stream of n messages of lengths != 0, there is nothing he can infer : maybe they're part of one message, or maybe they're not, or maybe they don't even say anything. [13:16]
mircea_popescu: if however he observes a stream of n messages of length = 0, he can infer nothing was said. [13:16]
zx2c4: with many TCP protocols you can infer what's behind it based on the length [13:16]
mircea_popescu: this reduces your strength, like it or not, because ~attacker inferred something~. that's what strength is, "attacker doesn't infer". see the history of the concept of "ban" and how turning bamburismus'd. [13:16]
zx2c4: i suppose your point is that you _could_ choose to obscure the lengths of the messages youre sending back? whereas with zero that isnt a possibility? [13:17]
mircea_popescu: in that formulation, sure. [13:17]
zx2c4: thats an interesting consideration [13:17]
mircea_popescu: the problem is fundamental, though. the same EXACT thinking informs this problem as informs the earlier discussion with asciilifeform over null ciphers. [13:17]
mircea_popescu: you have to get it in your head, that 0 is an invariant, and permitting it is always dangerous, because it's not "just another number". [13:18]
mircea_popescu: and saying "multiples of k : 0, 8, 16" is NOT an enumeration of "similar things". 0 is dissimilar to everything else. [13:18]
mircea_popescu: anyway, as to the other one : v is the republican... well many things, but also works as a versioning system. here's a pretty picture to help the notion along : http://btcbase.org/patches << you can select from the drop menu to the left, see various trees extant. you can click on any item to see the patch it represents. [13:19]
mircea_popescu: sheit. phf what happened to clickable patchgraph!!1 [13:19]
asciilifeform: mircea_popescu: it shows up here [13:20]
asciilifeform: mircea_popescu: iirc you need a svg-capable wwwtron [13:20]
mircea_popescu: ah my browser is not willing. cool. love ya phf ! [13:20]
zx2c4: fancy [13:20]
zx2c4: you guys have invented lots of things here [13:20]
asciilifeform: zx2c4: this isn't v per se tho, it is a graphical viewer for same [13:20]
asciilifeform: v per se is pretty simple [13:20]
asciilifeform: cascadianhacker.com/07_v-tronics-101-a-gentle-introduction-to-the-most-serene-republic-of-bitcoins-cryptographically-backed-version-control-system << likbez [13:21]
mircea_popescu: the idea with it is that patches must be a) clearly assigned to a responsible key and b) well read. actually, not putatively a la ers's trillion dead fish eyes. [13:21]
mircea_popescu: asciilifeform did we ever establish why he wrote the thing in c ? [13:22]
asciilifeform: mircea_popescu: zx2c4's thing ? nope, notyet [13:23]
zx2c4: http://thebitcoin.foundation/v/V-20180222.tar.gz this [13:23]
zx2c4: it's written in C because its in the linux kernel, which is written in C [13:23]
zx2c4: kernel for performance and integration reasons [13:23]
mircea_popescu: that's a perl impl of a v tool by mod6 everyone is invited to make their own v tools. [13:23]
zx2c4: however [13:23]
mircea_popescu: zx2c4 you ever used ada ? [13:23]
zx2c4: we've also got implementations in Rust and Go [13:23]
zx2c4: that are userspace based [13:23]
asciilifeform: zx2c4, mircea_popescu : it is quite trivial to build a kernel mod with gnat [13:23]
asciilifeform: ( iirc i posted a cookbook re same, while back ) [13:24]
mircea_popescu: that was my next answer, yes. [13:24]
zx2c4: ada kernel modules? cool [13:24]
asciilifeform: ( it is however presently unclear to me why the entire ciphrator has to live in kernelspace. granted the packet-thrower perhaps must. but why whole thing. ) [13:24]
mircea_popescu: could you guess, zx2c4 , why we would favour ada for finicky work such as crypto libs ? [13:24]
zx2c4: unlikely that'd make it upstream if i did wireguard that way, but neat that that's possible [13:24]
zx2c4: i dont have enough exposure to ada to say for certain. how come? [13:25]
mircea_popescu: and could you guess WHY it wouldn't make it upstream ? because ada object-links with c object code np. [13:25]
mircea_popescu: ima let alf explain why ada. [13:25]
zx2c4: linus has never been so happy about other languages in the kernel. for example, he rejected a C++ layer many years ago [13:25]
asciilifeform: i'ma cheat and cite my own article, http://www.loper-os.org/?p=1913 : '... in a heavily-restricted subset of the Ada programming language — the only currently-existing nonproprietary statically-compiled language which permits fully bounds-checked, pointerolade-free code and practically-auditable binaries. We will be using GNAT, which relies on the GCC backend.' [13:26]
asciilifeform: and add to this, that it has an actual paper standard, and minimal 'implementation-defined' rubbish (tho sadly not zero) [13:26]
zx2c4: cool [13:27]
asciilifeform: and doesn't require a multi-MB runtime. [13:27]
zx2c4: sounds great [13:27]
mircea_popescu: zx2c4 the good news is that i am now finally in a position to explain what EXACTLY is meant by "terrorist" : that feeling in http://btcbase.org/log/2018-04-12#1797417 when shit keeps coming and coming and coming up. what is it, if not spiritual terror ? [13:27]
a111: Logged on 2018-04-12 17:20 zx2c4: you guys have invented lots of things here [13:27]
zx2c4: performance is good? [13:27]
asciilifeform: there is absolutely no justification for the continued use of c, aka overflowlang, aka heapabuselang, since... oh, 1985. [13:27]
mircea_popescu: depends. performance on ACTUAL constanttime items is not so good. [13:27]
mircea_popescu: but that's related to how they can't even exist in c. [13:28]
asciilifeform: zx2c4: performance is difficult to compare if you remove various safeguards, you get ~same binary as equiv c proggy would have produced on same ver of gcc. [13:28]
asciilifeform: ( gnat , the ada compiler, is based on ordinary gcc ) [13:29]
zx2c4: so most checking is runtime instead of compile time then? [13:29]
mircea_popescu: actually, most crap is not even permitted. see all the pragmas. [13:29]
asciilifeform: if you switch the runtime checks on, you get a ~50% speed penalty in practice, vs 'naked c' [13:29]
asciilifeform: zx2c4: there is some quite 'fascist' compile-time checking. most noobs to the lang, spend a week or so getting their proggy to even build. [13:30]
zx2c4: hah i like that [13:30]
zx2c4: ill give ada a look. ive long heard about it but never dived in [13:30]
zx2c4: i need to head out for a bit now [13:30]
asciilifeform: the use of pointers, for instance, is discouraged, and their migration between scopes is prohibited [13:30]
zx2c4: but ill idle in here for a while and will be back in several hours most likely [13:30]
mircea_popescu: zx2c4 and the good news is, linus permitted ada modules before. [13:30]
zx2c4: ooo scoped pointers. thats nice [13:30]
zx2c4: https://github.com/alkhimey/Ada_Kernel_Module_Toolkit [13:31]
zx2c4: alright, ttyl guys [13:31]
mircea_popescu: later. [13:31]
asciilifeform: zx2c4: you can come back any time, you have voice now. [13:31]
asciilifeform: laters. [13:31]
zx2c4: :) [13:31]
zx2c4: slater [13:31]
mircea_popescu: these logs are getting ever huger. [13:36]
ckang: hey nice glad to see zx2c4 made it in [13:38]
mircea_popescu: word. you're building quite the diplomatic reputation for yourself, you know that ? [13:38]
ckang: lol i try and connect people ) [13:38]
ckang: everything yall spoke about is way over my head [13:38]
ckang: still trying to soak it in [13:39]
mircea_popescu: anyway, guy got a bitcoin, meaning he can put however many more hours into the thing you're using, so wins all around. [13:39]
ben_vulpes: well they are a far cry from the mango gelato of mircea_popescu's haremfactory but goshdarn these alfajores are magical with coffee in the morning [13:39]
ckang: whats your opinion on it, as it stands currently? [13:39]
ckang: from a security perspective [13:40]
mircea_popescu: ckang too soon to say. [13:40]
mircea_popescu: ben_vulpes you should see the britt chocolate covered macadamia nuts. [13:41]
ben_vulpes: sounds tasty [13:42]
ben_vulpes: i have been seduced into liking sugary delights! [13:42]
mircea_popescu: hey, i didn't think i even liked girls, as a 14yo. people get strange ideas in their heads. [13:43]
ben_vulpes: (and it doesn't even have any chocolate...) [13:43]
mircea_popescu: lol [13:44]
mircea_popescu: they have chocolate alfajors tho, is yours just ddl ? [13:45]
ben_vulpes: aha [13:45]
ben_vulpes: experiments from the kitchen, im sure more variants with chocolate will appear as soon as i mention the idea [13:46]
mircea_popescu: generally the alfajor as a commercial item is two wafers, ddl in between, whole dipped in hard chocolate. [13:46]
ben_vulpes: mircea_popescu: the .htaccess files included with/generated by mpwp include the `Allow` incantation, which is not a thing in apache 2.4; trilema purports to run on 2.4.16; can the Order/Allow incantations be replaced with the 2.4-style Require? [13:46]
mircea_popescu: ben_vulpes wp doesn't actually care how .htaccess is implemented; only that it works. [13:47]
ben_vulpes: huh danielpbarron mentioned to me that it writes the permalinks into .htaccess, this is not so? [13:47]
* ben_vulpes has yet to put rubber to road on this, still researching [13:48]
mircea_popescu: not afaik. i linked you to a snippet lessee [13:48]
mircea_popescu: RewriteCond %{REQUEST_FILENAME} !-d << this sort of thing. [13:50]
mircea_popescu: it redirects missing file references into index.php; that's how it does the url replace thing. [13:50]
ben_vulpes: aok so the Order/Allow can probably be swapped for the 'modern' Require styles [13:51]
ben_vulpes: ty mircea_popescu [13:51]
mircea_popescu: ben_vulpes all the Order deny,allow Deny from all Allow from x thing does is lock out by ip; it's not even generated by wp itself; it can be implemented any way, iptables, csf, whatever. [13:52]
ben_vulpes: in other modern scotchguardlifeamericana, these "100% cotton!" napkins are clearly coated with some heinous anti-absorbent "nanotech". yes, works to wipe crumbs off toddlerface but holyfuck is aggressively and annoyingly nonabsorbent. [13:53]
mircea_popescu: http://btcbase.org/log/2018-04-12#1797053 << should be interesting once spyked wakes up lel. [13:53]
a111: Logged on 2018-04-12 15:48 zx2c4: our two x25519 C implementations (32bit and 64bit) are actually generated by theorem proving software, so that we're sure they dont contain any errors [13:53]
ben_vulpes: i was halfway expecting to see the classic machinegeneratedliquishit objections [13:54]
ben_vulpes: tenor has certainly changed around here of late. [13:54]
mircea_popescu: http://btcbase.org/log/2018-04-12#1797078 << this looks almost like a Very Desperate Man (tm) writing say pcb wiring constraints. [13:55]
a111: Logged on 2018-04-12 15:53 zx2c4: https://git.zx2c4.com/WireGuard/tree/src/crypto/curve25519-fiat32.h [13:55]
asciilifeform: mircea_popescu: it's mechanically-unrolled . [13:55]
mircea_popescu: yeah. [13:55]
asciilifeform: i had example of this back in august, of comba. [13:55]
asciilifeform: runs ~30% faster simply on account of no loop. [13:55]
asciilifeform: ( the pipe stays full ) [13:55]
mircea_popescu: the line 332 explosion is a fine example of this as any could be had. [13:56]
asciilifeform: why the author stopped where he did, and did not unroll ~all~ of the loops, i do not presently know [13:56]
ckang: 'pull request are always welcome' :) as they say [13:57]
mircea_popescu: these are yet too high level matters to be practically approached by this "here's an impl" method. [13:57]
asciilifeform: to be fair, the thing isn't even obscenely lengthy, esp for a robo-generated proggy. ( it remains the case that i dislike c, and also ecc but these are orthogonal concerns ) [13:58]
mircea_popescu: no, and compiled to 40kb, it's clear from this and plenty other signs the dood has the right ideas in his head. [13:59]
mircea_popescu: http://btcbase.org/log/2018-04-12#1797091 [13:59]
a111: Logged on 2018-04-12 15:57 zx2c4: https://א.cc/wrlf5K8I voila [13:59]
asciilifeform: linked proggy is iirc by another d00d [13:59]
asciilifeform: but yes [13:59]
mircea_popescu: https://א.cc/wrlf5K8I voila [13:59]
asciilifeform: it resembles 'nano ecc' which at 1 point asciilifeform tried to port to trb [14:00]
mircea_popescu: i don't get it, what happened ? [14:00]
asciilifeform: re the aleph ? nfi [14:03]
mircea_popescu: mk. [14:04]
mircea_popescu: http://btcbase.org/log/2018-04-12#1797132 << this counterstructure argument is actually quite strong; may indeed be stronger than the proponent realizes. [14:06]
a111: Logged on 2018-04-12 16:12 zx2c4: things like RSA boil down to number theory problems. but that's in a sense scarier than the set of problems that good block ciphers tend to boil down to. because it means that those primitives have lots of _structure_, and generally structure is something that can be exploited. just look at all the amazing and fantastic attacks on things with structure. so just boiling down to a [currently considered] "hard problem" doesn't provide as much solace [14:06]
mircea_popescu: http://btcbase.org/log/2018-04-12#1797136 << approximately zero, in that case, for good fundamental reasons to do with... the structure of theoretical possibility. [14:07]
a111: Logged on 2018-04-12 16:13 zx2c4: but even hardness of factoring... how hard is this actually? what number theoretic advances are right around the corner? [14:07]
mircea_popescu: http://btcbase.org/log/2018-04-12#1797142 << understand, the discussion here is re cryptographic hardness, not mathematical hardness; as discussed otherplaces in the logs, the mathematical notion of difficulty is "what's the absolute hardest case this problem can yield", because they want to offer maximal flop guarantees; cryptographically it is kinda opposite : what's the LOWEST difficulty a problem in this class may yield [14:10]
a111: Logged on 2018-04-12 16:15 zx2c4: shape packing? [14:10]
mircea_popescu: . because they want to put a MINIMUM floor in. so to a large degree mathematical discussions of hardness are not cryptographically useful. [14:10]
asciilifeform: ftr i got ~nowhere re: a proper approach to cryptohardness. [14:12]
asciilifeform: and afaik nobody's made any progress re subj since john von n. [14:13]
asciilifeform: (at least, not publicly.) [14:13]
BingoBoingo: <ben_vulpes> i have been seduced into liking sugary delights! << It's scarcely been more than a month since a fractional alfajore gave you sugar shock [14:14]
asciilifeform: ( what would 'getting somewhere' look like ? how about a general theory, or even ~study of particular case, like aes~ re how many bits of key are leaked per, say, TB of ciphertext ) [14:14]
asciilifeform: right now 2 types of cipher are known -- otp, and errythingelse. only re otp is there a mathematical statement of any substance ( i.e. it is degenerate case, leaks 0 bits ) [14:15]
ben_vulpes: BingoBoingo: that thing was way too way over the top [14:16]
BingoBoingo: ben_vulpes: That thing was the commercial item that defines the standard [14:16]
trinque: !!up britknee [14:17]
deedbot: britknee voiced for 30 minutes. [14:17]
BingoBoingo: Now, there's also "alfajores integrals" where a birdseed paste is smashed between two birdseed wafers, but those cost ~70 pesos whereas alfajores verdaderos costs 20-30 pesos [14:18]
ben_vulpes: im generally suspicious of food from plastic bags [14:19]
asciilifeform: http://btcbase.org/log/2018-04-12#1797536 << we may have had the thread iirc, but : cryptographic 'lowest difficulty' is inescapably statistical, considering that there is a nonzero and calculable probability of guessing a key ( under any system which is not otp, i.e. correct key is somehow distinguishable from the space of possible rubbish key ) [14:21]
a111: Logged on 2018-04-12 18:10 mircea_popescu: http://btcbase.org/log/2018-04-12#1797142 << understand, the discussion here is re cryptographic hardness, not mathematical hardness; as discussed otherplaces in the logs, the mathematical notion of difficulty is "what's the absolute hardest case this problem can yield", because they want to offer maximal flop guarantees; cryptographically it is kinda opposite : what's the LOWEST difficulty a problem in this class may yield [14:21]
asciilifeform: so what you'd want to prove is that there exists ~no~ method more effective than brute guess, for $system. [14:23]
asciilifeform: ( 1 possible variant formulation of this : you want to prove that it is not possible to quickly skip over any portion of key space ) [14:25]
asciilifeform: !!up avgjoe [14:25]
deedbot: avgjoe voiced for 30 minutes. [14:25]
avgjoe: hello, can i ask why deedbot doesn't send me the challenge to solve? instead it tells me that i should not up myself [14:26]
asciilifeform: !!reputation avgjoe [14:26]
deedbot: http://p.bvulpes.com/pastes/65zXa/?raw=true [14:27]
asciilifeform: !!key avgjoe [14:27]
deedbot: http://wot.deedbot.org/BCDC7D8A27D1AEE678925A1ED829570EDC4574F5.asc [14:27]
asciilifeform: !#s from:avgjoe [14:27]
a111: 11 results for "from:avgjoe", http://btcbase.org/log-search?q=from%3Aavgjoe [14:27]
asciilifeform: seems like nobody rated you yet, avgjoe [14:28]
asciilifeform: let's fix: [14:28]
asciilifeform: !!rate avgjoe 1 new blood [14:28]
deedbot: Get your OTP: http://p.bvulpes.com/pastes/578NH/?raw=true [14:28]
asciilifeform: !!v DCD764A8C0F6748C7B7549E53AD453D4E1A51D469C59A0E9E9173300B8A14933 [14:28]
deedbot: asciilifeform rated avgjoe 1 << new blood [14:28]
asciilifeform: avgjoe: you should be able to self-voice now. [14:29]
avgjoe: what means NIL here: http://p.bvulpes.com/pastes/65zXa/?raw=true ? [14:29]
asciilifeform: avgjoe: it means that you had no ratings. [14:29]
mircea_popescu: asciilifeform it can't be a debit like that, because the main unknown is the approach. [14:29]
asciilifeform: ( it is also empty set in lisp ) [14:29]
asciilifeform: mircea_popescu: plox to elaborate [14:29]
mircea_popescu: what's it help you to know it's "0.1 bits per tb ~on average~" [14:30]
asciilifeform: mircea_popescu: asking not for average, but for bounds [14:30]
avgjoe: ok thanks, so after someone rates me deedbot allows to up me on demand? [14:30]
asciilifeform: averages don't help much, if it's '0 on whole week but certain death on tuesday noon' [14:30]
mircea_popescu: quite. [14:30]
mircea_popescu: avgjoe yes. [14:30]
mircea_popescu: !!up TrixxC [14:31]
deedbot: TrixxC voiced for 30 minutes. [14:31]
TrixxC: hi am here to register for tits [14:31]
mircea_popescu: go for it. [14:31]
mircea_popescu: TrixxC 0b8d3306 < [14:32]
britknee: hi mircea_popescu [14:32]
mircea_popescu: how goes britknee [14:33]
britknee: having issue with balance [14:33]
britknee: trinque said it needs verify [14:33]
mircea_popescu: lemme check [14:33]
britknee: ty [14:33]
mircea_popescu: britknee right he is, somehow slipped through the cracks. sorry for the delay but it's done now. [14:34]
britknee: all good ty [Xiv] [14:35]
ben_vulpes: not so average joe [14:35]
asciilifeform: http://btcbase.org/log/2018-04-12#1797532 << as far as i can tell the 'rsa has structure! but aes, surely not' is instance of minsky's empty room ( http://btcbase.org/log/2014-11-13#920444 ) [14:35]
a111: Logged on 2018-04-12 18:06 mircea_popescu: http://btcbase.org/log/2018-04-12#1797132 << this counterstructure argument is actually quite strong; may indeed be stronger than the proponent realizes. [14:35]
a111: Logged on 2014-11-13 23:07 mircea_popescu: In the days when Sussman was a novice, Minsky once came to him as he sat hacking at the PDP-6. [14:35]
mircea_popescu: britknee where's your friends ? [14:35]
mircea_popescu: asciilifeform yes well. one thing at a time huh :D [14:35]
britknee: you want more pics with #? [14:36]
mircea_popescu: britknee i'm here all week! [14:36]
asciilifeform: mircea_popescu: aite, i'ma return to packing launch capsule, bbl [14:36]
mircea_popescu: well, actually about to go to the beach right now, but in general speaking. [14:36]
britknee: oh I will put the word out then [14:36]
britknee: enjoy the beach [14:37]
mircea_popescu: you seen the pics ? [14:37]
britknee: link? [14:38]
mircea_popescu: http://trilema.com/2018/land-of-coffee-land-of-winds-land-of-oddly-moistened-bints/ << that's from the day i died at sea [14:38]
BingoBoingo: Ah, the seekrit beach [14:38]
mircea_popescu: but if you look through that category ("la pas prin lume") there's a ton of various. [14:39]
britknee: bints lol, rare word [14:39]
mircea_popescu: are you actually british ? [14:39]
britknee: no, britney [14:39]
mircea_popescu: close enough. [14:39]
mircea_popescu: but are you from uruguay ? because BingoBoingo tells me you look uruguashan. [14:39]
britknee: hispanic [14:40]
mircea_popescu: !!up sashahsas [14:40]
deedbot: sashahsas voiced for 30 minutes. [14:40]
mircea_popescu: !!up kittycollector [14:40]
deedbot: kittycollector voiced for 30 minutes. [14:40]
britknee: columbia and mexico [14:40]
mircea_popescu: voice for all teh girls! [14:40]
mircea_popescu: britknee oh, i was in columbia recently. [14:40]
mircea_popescu: http://trilema.com/2018/bogota-a-mixed-bag/ << there. you ever go to bogota ? [14:41]
britknee: I haven't actually been, by blood [14:41]
mircea_popescu: a. [14:41]
TrixxC: i brb there is someone at door [14:44]
mircea_popescu: http://btcbase.org/log/2018-04-12#1797184 << you definitely should do that, seeing how the superficial "was reviewed" claim collapses upon the most cursory scrutiny. this is not a good state to put yourself into, it makes it too easy to be painted with unflattering brushes. [14:45]
a111: Logged on 2018-04-12 16:25 zx2c4: i havent compiled a list of Name+WrittenReview. maybe i should do that [14:45]
mircea_popescu: i dunno what your experience with "peer review" is, but as far as anyone involved is aware, exactly no review goes on in those circumstances. see sokal & all. [14:46]
mircea_popescu: !#s "Transgressing the Boundaries: Towards a Transformative Hermeneutics of Quantum Gravity" [14:47]
a111: 0 results for "\"Transgressing the Boundaries: Towards a Transformative Hermeneutics of Quantum Gravity\"", http://btcbase.org/log-search?q=%22Transgressing%20the%20Boundaries%3A%20Towards%20a%20Transformative%20Hermeneutics%20of%20Quantum%20Gravity%22 [14:47]
mircea_popescu: well... now there is. [14:47]
* asciilifeform has been, in person, to one of the shameful, incestuous tree-houses of the 'cryptographers' [14:47]
* asciilifeform was memorably unimpressed. [14:47]
avgjoe: a curiosity about the deedbot wallet feature: if i use that feature, who is controlling the keys? [14:47]
mircea_popescu: asciilifeform anyway, his stance is defensible, "blake was at sha camp, just like keccak, what do you want." [14:47]
avgjoe: or at least, a server located where? [14:48]
mircea_popescu: avgjoe you ? [14:48]
mircea_popescu: or what do you mean exactly ? [14:48]
mircea_popescu: trinque is your counterparty. [14:48]
avgjoe: i supposed that was a hot wallet feature [14:48]
avgjoe: something like that [14:48]
asciilifeform: mircea_popescu: blake2 is bernstein's hash ( consists of a slightly modified chacha, his symmetric algo ) [14:48]
mircea_popescu: i know, i know. just saying, "we picked the non-chosen candidates at random, go sue." [14:49]
asciilifeform: i've no particular objection to snake oil from king cobra vs from japanese viper but as i observed earlier, the sudden popularity of bernsteinism has never been explained to my satisfaction. [14:49]
mircea_popescu: he's popular. [14:50]
mircea_popescu: goes to their silly little "polyamory" covens on campus and frowns paternally. [14:50]
mircea_popescu: or w/e the fuck. the youth is desperate for adult figures, much like the savage kids in the us black ghetto. [14:50]
asciilifeform: wasn't so popular when he was demonstrating effective smooth integers algo [14:50]
asciilifeform: but then suddenly very very hip when crackpot symmetrics. [14:50]
mircea_popescu: wasn't meeting the above quals. [14:50]
asciilifeform: evidently [14:50]
mircea_popescu: morgan freeman is also worshipped now. why ? same reason. wolf-raised kids can't believe oldman is a thing. [14:51]
mircea_popescu: nobody cared about him back when he was a good actor 20 years ago as much as they care now, that he delivers wooden monologues of sheer nonsense. [14:51]
trinque: avgjoe: no, there is no hotwallet [14:52]
avgjoe: "Requests that `amount` be withdrawn from your available balance and sent to `to-btc-address`. This step shall be performed by a human operator after reviewing account history. Expect at least one day of processing. Bitcoin transaction fees shall be deducted from your account." [14:53]
trinque: only airgapped wallet, and human meat that cuts transactions [14:53]
avgjoe: thanks [14:54]
avgjoe: is a feature for doing off chain transactions by trusting the human meat or i'm missing something? [14:58]
mircea_popescu: https://pgp.cs.uu.nl/paths/49fc7012a5de03ae/to/8a736f0e2fb7b452.html in other news. [14:58]
mircea_popescu: avgjoe it's exactly equivalent to "segwit" except much less expensive. [14:58]
avgjoe: ok, so as long as i see trinque alive on irc i can feel safe about my test bitcents on it [15:00]
avgjoe: correct? [15:00]
mircea_popescu: just about. [15:00]
trinque: I am the operator yes. [15:00]
trinque: !!gettrust avgjoe trinque [15:04]
deedbot: L1: 0, L2: 0 by 0 connections. [15:04]
trinque: !!gettrust ben_vulpes trinque [15:05]
deedbot: L1: 4, L2: 21 by 10 connections. [15:05]
asciilifeform: trinque: refreshed daily ? [15:05]
trinque: what is? [15:05]
asciilifeform: the db [15:05]
asciilifeform: ( i rated him earlier today ) [15:05]
trinque: I measured from him. [15:06]
trinque: !!gettrust trinque avgjoe [15:06]
deedbot: L1: 0, L2: 1 by 1 connections. [15:06]
asciilifeform: aaa [15:06]
asciilifeform: i had nfi this was noncommutative [15:06]
asciilifeform: but it nao makes sense [15:06]
avgjoe: why the reverse show 1 connection? [15:06]
trinque: avgjoe: the point being, while I can give you a lot of nice words about not stealing your bitcents, this doesn't amount to much. [15:06]
trinque: the web of trust, being in it and forming connections, is the proper way to answer the q [15:07]
trinque: asciilifeform: sure, maybe some guy trusts me and I think he's crazy [15:08]
asciilifeform: right [15:08]
trinque: avgjoe: http://trilema.com/2014/what-the-wot-is-for-how-it-works-and-how-to-use-it/ [15:08]
avgjoe: trinque: may I also ask, is just the wallet feature that need human presence or deedbot does other semi-auto functions? [15:09]
trinque: wot updates and all the rest are immediate [15:09]
trinque: movement of actual money (btc) is for obvious reasons, not [15:10]
trinque: anyhow avgjoe, who are you, and how'd you come by us? [15:11]
avgjoe: so if I understand correct: all the deedbot functions are ready to go for a newcomer, except for the wallet function that works well after having a good wot connection [15:11]
ben_vulpes: trinque: web site is run on a daily job? [15:11]
trinque: cron, yep. [15:12]
mircea_popescu: avgjoe you read http://trilema.com/2014/what-the-wot-is-for-how-it-works-and-how-to-use-it/ yes ? [15:13]
trinque: avgjoe: incorrect, wallet works for n00bs immediately [15:13]
mircea_popescu: o sorry, repost. [15:14]
trinque: my point was that you can't answer the question of whether to trust me as you sit there now [15:14]
trinque: well, can, but by doing it and seeing what happens. [15:14]
trinque: I am at "dog on internet" status for you [15:14]
mircea_popescu: omg, eaten log. go me! [15:15]
mircea_popescu: and bbl folks, have a great time. [15:15]
avgjoe: bye [15:15]
trinque: adios mircea_popescu [15:15]
avgjoe: i mean, ok, it works for noobs, but at the same time you don't know instantly who is managing the keys [15:16]
trinque: sure you do, search logs for "deedbot" [15:17]
ben_vulpes: trinque: dude has a point, self-referential though it might be; faq.html would benefit from an "i am trinque, and have been running this service for members in good standing of the #trilema wot and others before it since XXX" [15:18]
trinque: depends on whether I think people oughta come in through existing users, or not [15:19]
trinque: wottronics says I do [15:20]
ben_vulpes: puts one miles ahead of eg localbitcoins, puts the personal aspect of trust front and center. [15:20]
avgjoe: that would be nice, then it's up to the average joe to look up the history and wot [15:20]
trinque: someone will have to make the argument in favor of average joes [15:20]
trinque: I will at least say mircea_popescuine features come way first. [15:20]
trinque: note that a horde of titties just came through and used the thing on the basis of knowing douchebag [15:21]
ben_vulpes: hey it is your faq, you may answer as f as you like [15:21]
* trinque is fine with putting it, so long as avgjoe here reads that WoT article. [15:22]
trinque: avgjoe: you didn't introduce yourself though. so go ahead [15:22]
avgjoe: yes, sorry [15:23]
asciilifeform: avgjoe: understand, 'looking up' tells you just about nothing if you do not have any existing trust of any of the people who wrote the item you are 'looking up' in. [15:23]
asciilifeform: avgjoe: there is no magical document that proves trustworthiness. but there is, just like thousand years ago, working with people, and developing relation with them [15:24]
avgjoe: i'm a student, I've discovered bitcoin thanks to raiblocks [15:27]
ben_vulpes: avgjoe: this is some altcoin? [15:27]
avgjoe: basically a coin that was given to lazy people that solved captchas [15:27]
ben_vulpes: what are you studying? [15:28]
avgjoe: then this coin has gained popularity for supposed scalability features that i've never investigated [15:28]
ben_vulpes: well it's more of a nineties yahooforum pink sheet stock but that's neither here nor there [15:28]
avgjoe: and a couple of months ago i was lucky to cash out in bitcoin the crazy (at least for me) amount generated by solving captchas [15:29]
ben_vulpes: what are you studying though? [15:30]
trinque: FAQ updooted [15:31]
avgjoe: after seeing that raiblocks was just some random coin, i tried to understand better bitcoin and found trilema as a very valid starting point, no-frills like, to use bitcoin in a responsible manner [15:31]
ben_vulpes: eyy trinque neato [15:31]
avgjoe: sociology [15:35]
ben_vulpes: avgjoe: studies in system oppression and advanced microaggressions or what? [15:40]
avgjoe: no, it's a easy/fake study to have more spare time keeping government grants [15:42]
ben_vulpes: and what do you do with all that spare time [15:43]
avgjoe: reading trilema [15:43]
avgjoe: and the logs in these days :D [15:43]
avgjoe: and hiking [15:44]
shinohai: !!up TrixxiC [15:44]
deedbot: TrixxiC voiced for 30 minutes. [15:44]
lobbes: I was going to hop on to state this very point, but alf beat me to it so I will simply underline and point to trilema article referenced twice above. My own trust for various people (read: cryptographically backed identities) in here was not immediate, but evolved over the 4 years I've spent interfacing with said people. >> http://btcbase.org/log/2018-04-12#1797719 [15:46]
a111: Logged on 2018-04-12 19:23 asciilifeform: avgjoe: understand, 'looking up' tells you just about nothing if you do not have any existing trust of any of the people who wrote the item you are 'looking up' in. [15:46]
avgjoe: thanks [15:47]
spyked: hey trinque, the front page of deedbot.org shows "Bot's address: [...] (balance {u'message': u'Method not found', u'code': -32601})" on 2nd line. looks outta the ordinary. [15:51]
trinque: blah, k [15:51]
trinque: ty [15:51]
spyked: yw :) [15:52]
* trinque left an experimental walletless trb running on that box [15:52]
lobbes: trinque, while yer digging I noticed that wot.deedbot.org appears to have not updated in a bit (e.g. I unrated "blazedout419" a few weeks ago, yet still shows >> http://wot.deedbot.org/3320BCA7825525AD077203C331F36D29A4D93652.html) [15:53]
trinque: that I knew, but ty [15:54]
trinque: gotta figure out why the cron job keeps getting stuck. [15:54]
* trinque just ran the same command as from cron, pretty weird [15:56]
spyked: http://btcbase.org/log/2018-04-12#1797506 <-- ain't gonna bitch about that. but just for lulz: http://archive.is/tatUF and to think, proof systems (Coq, Isabelle/HOL, etc.) exist mainly to slap humans on their wrists when they err. [15:58]
a111: Logged on 2018-04-12 17:53 mircea_popescu: http://btcbase.org/log/2018-04-12#1797053 << should be interesting once spyked wakes up lel. [15:58]
ben_vulpes: gonna spam for a sec, pls hold [15:58]
trinque: spyked: any chance you want to do mircea_popescu's requested RSS bot? I've got plenty on my plate as it stands. [15:59]
trinque: could probably pretty easily bolt your cl-feed-parser to ircbot [16:00]
ben_vulpes: !!v A8527E69320679E6A9735D12955BCA7DCD898A8A3FCBEA7FBC072778536740D4 [16:00]
deedbot: ben_vulpes unrated kakobrekla. [16:00]
ben_vulpes: !!v 40DF9387B2D7D3DFD492542208C673DCF4EB12B8CD544FEA04FC749981D783A3 [16:00]
deedbot: ben_vulpes updated rating of mircea_popescu from 4 to 5 << master of the realm [16:00]
ben_vulpes: !!v 59EAE7DF138654819F93FE3BDFD9CE3A7FC8C8737D5CF401E220CB446845C062 [16:00]
deedbot: ben_vulpes updated rating of trinque from 4 to 6 << against every creature, living or dead [16:00]
ben_vulpes: !!v 14F938EC2F445708F8B2704A257EA91F60D111ED5D95ACC60A03616701228562 [16:00]
deedbot: ben_vulpes updated rating of mod6 from 4 to 5 << foundation co-chair [16:00]
ben_vulpes: !!v D4321170EE27F031AD3EEBD41B8E1E4C532F5637D57A62D835551A93A30A3132 [16:00]
deedbot: ben_vulpes updated rating of lobbes from 3 to 3 << staunch sapper [16:00]
ben_vulpes: !!v 5976F80A1F2794B3EF34F34B531D95AAC1A1EF99007F67608F86ADC5525DC2A6 [16:01]
deedbot: ben_vulpes updated rating of mike_c from 3 to 1 << lost, but not forgotten [16:01]
ben_vulpes: !!v 51B9DE7561B66E6C2536CEDABC6355C499625EE1012B99831FF71C09FECB429E [16:01]
deedbot: ben_vulpes updated rating of hanbot from 2 to 4 << legendary valkyrie [16:01]
ben_vulpes: !!v EC5C8E14678916A59CF2A0AF481BD9AEA6271F301CA009DE720904DC71808096 [16:01]
deedbot: ben_vulpes unrated mthreat. [16:01]
ben_vulpes: !!v 182509D378DBE6EA3EE17CF0C0E38AAAE2D682170F86A684F3318DBC7FE70CCB [16:01]
deedbot: ben_vulpes unrated rye. [16:01]
ben_vulpes: !!v 16810532F1E34865D544F57908471397D1314800FCC04AE800275D38D86C1604 [16:01]
deedbot: ben_vulpes unrated ang-st. [16:01]
ben_vulpes: !!v E7073EFBA9BF9CDB7A6054E7406C45FD38E8F13504CD05F1BE0B13CA126D3DAD [16:01]
deedbot: ben_vulpes updated rating of danielpbarron from 1 to 3 << his worship [16:01]
ben_vulpes: !!v F934F5806DE35FBFB10DFD5C64BAB2CFF17A5DD75EB6DC123F65BB80D5DA16B6 [16:01]
deedbot: ben_vulpes unrated princessnell. [16:01]
ben_vulpes: !!v BCBF03DA53D0411F7C81BC7367C96AF0488FFAC5FB83261C5A550C1A258C6AED [16:01]
deedbot: ben_vulpes unrated smickles. [16:01]
ben_vulpes: !!v D99F7B29DD8BC742D50988B5155A3D265BBF5AED29CC8089ED2940DE526BD257 [16:01]
deedbot: ben_vulpes unrated solrodar. [16:01]
ben_vulpes: !!v 1BFCF592050AC7F1172BAC82BF491D0462E8E274488A67430FDB9FE12C38BB9D [16:01]
deedbot: ben_vulpes unrated vvande. [16:01]
ben_vulpes: !!v 761EDFB41C3704005996B2D3A97F68375DDC6F440301B64E9F10DC5C3F82175D [16:01]
deedbot: ben_vulpes unrated xmj. [16:01]
ben_vulpes: !!v 23F54062DF2992D7F763DA177DA54B1C8E535E6D170F8E55EC2E8FE4AC22E01D [16:01]
deedbot: ben_vulpes unrated agustin. [16:01]
ben_vulpes: beg pardon, that's done [16:01]
* ben_vulpes to ice hands [16:02]
spyked: trinque, yeah, I'm actually playing with cl-feed-parser to get an idea of what's required for the feed bot, going to spec it and all. I grabbed it off the githubs ( https://github.com/tkych/cl-feed-parser ) and the number of dependencies is irksome, so if you happen to know a better alternative other than building my own, I'm open to suggestions [16:04]
trinque: nope, current thing is a sad pythonball hanging off the side. [16:04]
spyked: okay then, I'm gonna work it off this. it'd be enough to replace the "drakma" http client with something lighter, and I'd already cut about half of it. the dependency tree leads to two xml parser libraries being used (plus other redundant stuff). [16:07]
spyked: whole thing's a mess, but I'm organizing the code so that I can eventually replace it with something else. [16:08]
trinque: a muntzed drakma would be a fine thing, I'd sign [16:10]
spyked: anyway, back to http://btcbase.org/log/2018-04-12#1797753 : also, I ran a http://p.bvulpes.com/pastes/hYZVy/?raw=true out of curiosity. results: cca 150k LoC of proof (of which ~10k just the basic definitions) that generate another cca 100k LoC of C code. but to be fair, this is for more than just 25519 [16:16]
a111: Logged on 2018-04-12 19:58 spyked: http://btcbase.org/log/2018-04-12#1797506 <-- ain't gonna bitch about that. but just for lulz: http://archive.is/tatUF and to think, proof systems (Coq, Isabelle/HOL, etc.) exist mainly to slap humans on their wrists when they err. [16:16]
spyked: zx2c4, I've been looking over the tamarin protocol verification paper and I'm curious, what does "symbolic verification" mean? also, what's the thing's output? is it just a "yes, properties hold" or does it also output the proof? [16:20]
spyked: more to the point, this is similar to asciilifeform's "auditability" question. is there a way to obtain a (ideally human-readable) set of deductions out of the prover? [16:24]
asciilifeform: spyked: if you recall, back in the 'minsky age', that was the initial attraction of mechanical 'reasoners' -- discovery of ~simple~ inferences [16:48]
asciilifeform: unfortunately it never went far beyond 'rediscovered pythagor's theorem' [16:48]
asciilifeform: but this was enuff for the tech to find its way to the cargocultists. [16:49]
asciilifeform: http://btcbase.org/log/2018-04-12#1797798 << 1 of the things on asciilifeform's 'wish list', is a reasonable ada http serv [16:49]
a111: Logged on 2018-04-12 20:10 trinque: a muntzed drakma would be a fine thing, I'd sign [16:49]
asciilifeform: ( somewhere along the lines of http://btcbase.org/log/2018-02-02#1780200 thread ) [16:50]
a111: Logged on 2018-02-02 22:32 asciilifeform: idea is a http server in <1000 ln of ada, approx. [16:50]
asciilifeform: 'reasonable' meaning, on top of mere compactness, other fine things like heaplessness [16:51]
asciilifeform: http://btcbase.org/log/2018-04-12#1797799 << if this looks monstrous, prepare to barf when you consider how much the ~verifier~ weighs [16:52]
a111: Logged on 2018-04-12 20:16 spyked: anyway, back to http://btcbase.org/log/2018-04-12#1797753 : also, I ran a http://p.bvulpes.com/pastes/hYZVy/?raw=true out of curiosity. results: cca 150k LoC of proof (of which ~10k just the basic definitions) that generate another cca 100k LoC of C code. but to be fair, this is for more than just 25519 [16:52]
asciilifeform: ( and i dun think i need to explain that the mecha-proof is ~meaningless~ without reading the claimed verifier ) [16:53]
asciilifeform: spyked: in re proof machines, i'm much moar interested in items like ACL2 , where you can affix your hand-written program to a hand-written proof of correctness in a mechanically-reliable way [16:55]
asciilifeform: ada's spark is a similar, if somewhat uglier/bulkier, thing [16:55]
asciilifeform: in any case fits-in-head MUST come ahead of 'proofiness'. [16:56]
asciilifeform: !#s acl2 [16:57]
a111: 7 results for "acl2", http://btcbase.org/log-search?q=acl2 [16:57]
asciilifeform: ^ possibly thread. [16:57]
asciilifeform: ben_vulpes: http://btcbase.org/log/2018-04-12#1796970 << here's a thing i wondered about for many yrs : is there any reason why a wirbelrohr could not do the job of 'frost control' in an 'airbreather rocket' ? [17:06]
a111: Logged on 2018-04-12 07:30 ben_vulpes: 2015, btw, aviationweek http://aviationweek.com/space/reaction-engines-reveals-secret-sabre-frost-control-technology [17:06]
asciilifeform: ben_vulpes: gives you clean, h2o-free o2, if the spigot is placed correctly in the vortex, as i understand [17:07]
asciilifeform: also gives you cooling, reasonably cheaply [17:08]
ben_vulpes: my first q is what is the breadth of intake gas velocities and fluxes that such a device could handle [17:09]
asciilifeform: as i understand, would be constrained by possible length of the tube and the strength of the material from which it is made [17:10]
asciilifeform: ( as well as the fact that it has to work 'from parking lot to mach X' ) [17:10]
ben_vulpes: interesting [17:11]
ben_vulpes: won't work past mach [17:13]
ben_vulpes: refrigeration depends on compressibility of the working fluid [17:13]
asciilifeform: must point out, i haven't the faintest reason to think that it would work; was specifically curious re whynot [17:13]
asciilifeform: ben_vulpes: iirc wirbelrohr works just the same on liquids [17:14]
asciilifeform: for so long as you can make a pressure gradient at all. [17:15]
asciilifeform: ( if you cannot, you have a solid, and naturally no it won't work on a solid, lol ) [17:15]
ben_vulpes: just cribbing from wikipedia here, but "there is no longer cooling observed since cooling requires compressibility of the working fluid" [17:16]
asciilifeform: ( though i suspect something like it would even work in a 'springy' solid. see 'phonons' etc ) [17:16]
ben_vulpes: it'll cool, sure, but nowhere near as much as if it were a gas, as the gas will condense and pull further heat out of the local system. [17:17]
ben_vulpes: not condense, but compress. [17:18]
asciilifeform: ben_vulpes: colour me thick, but how does the compression of oncoming gas ~pull out~ heat ? consider how 'reentry heat' comes about. [17:19]
asciilifeform: meteorite does not burn from friction of atmosphere, but specifically from compressing oncoming air [17:19]
asciilifeform: think 'diesel' [17:19]
ben_vulpes: nono color me thick [17:19]
ben_vulpes: there is an expander in the diagram, had a sign error [17:20]
ben_vulpes: https://aip.scitation.org/doi/10.1063/1.1740893 [17:21]
ben_vulpes: "The Use of the Expansion of Gases in a Centrifugal Field as Cooling Process" [17:21]
asciilifeform: btw ben_vulpes probably has held in his hands, the tube : they are often found in machine shops [17:21]
asciilifeform: spot-cooling for milling process [17:21]
asciilifeform: intake of 'whistle' goes to the house air hose [17:22]
ben_vulpes: might work if you had enough expander and volume to slow the intake down and get it out of the incompressible regime [17:22]
asciilifeform: cold-end -- points down at $workpiece [17:22]
ben_vulpes: asciilifeform: yeah here and there, more frequently we simply flooded the workpiece with coolant. [17:22]
asciilifeform: ben_vulpes: you'd want prolly something like the 'mouth' of mig-15 [17:23]
ben_vulpes: could make a good intercooler for garage flugenthingers [17:23]
ben_vulpes: or hm [17:24]
asciilifeform: ben_vulpes: don't fixate on the cooling; i proposed it as simple means of producing 'dry' air [17:24]
asciilifeform: cooling -- bonus. [17:24]
ben_vulpes: heh well then you gotta cool the dryer, dontcha [17:25]
asciilifeform: nope [17:25]
asciilifeform: consider what happens in the vortex. center tap gives you 'cold end', which contains the heavier objects, incl. water [17:26]
asciilifeform: outer tap -- 'hot' -- is dry air [17:26]
asciilifeform: colour me again thick, why does the dry air require cooling ? esp if your intended use for it is rocket oxidizer [17:27]
asciilifeform: why not pipe it straight to the chamber. [17:27]
ben_vulpes: you'll want to compress it somewhat for reasons of efficiency; consider again the diesel and its turbo [17:27]
asciilifeform: the motion of the rocket ( align the tube with the motion axis, naturally ) does this for you, neh [17:28]
ben_vulpes: not on the tarmac [17:29]
ben_vulpes: this is the ramjet [17:29]
* asciilifeform does not harbour any illusions that this is 'easy pill' -- think, e.g. korolev would have had this pill, if it were so easy. but curious re the prohibitive boojum specifically. [17:29]
asciilifeform: ben_vulpes: roughly [17:29]
jurov: i think the vortex sorts particles by momentum, not necessarily by temperature [17:29]
ben_vulpes: hellish inferno of combustion chamber is at very high pressures in engineered rocket engine. [17:29]
asciilifeform: jurov: naturally not 'by temperature' purely, or you would have 'maxwell's daemon' lol [17:29]
jurov: but i don't know if same temperature means h2o and o2 molecules have same momentum? or they have same kinetic energy? [17:30]
ben_vulpes: jurov: it's alll the same thiiiiing [17:30]
ben_vulpes: you get some gases that speed up, pulling energy out of the gases that slow down which dump energy into the higher speed gases. not purely a 'sorter'. [17:32]
jurov: you want it to separate water, no? [17:34]
ben_vulpes: i think it puts the water in the wrong place. you get dry, hot air which you'd then have to cool and compress into the engine and cold wet air (possibly with the water condensed out entirely with a spigot) [17:37]
asciilifeform: ben_vulpes: there is of course another way to get dry air [17:37]
asciilifeform: above certain temp, water cannot exist, only h2, o2 [17:37]
ben_vulpes: heh ah ha [17:38]
asciilifeform: whether it is possible to create this condition mechanically, purely from result of vehicle's motion -- i do not know [17:38]
ben_vulpes: "i know, let's premix our fuel and oxidizer!" [17:38]
asciilifeform: probably a simple calculation would tell us 'nope'. and if al schwartz were here, he might deign to post it [17:39]
ben_vulpes: this gets tried once a generation [17:39]
asciilifeform: but he aint here. [17:39]
asciilifeform: and nope, not premix, lol [17:39]
asciilifeform: 'bang gas' or what's it in engl. [17:39]
ben_vulpes: hypergolic? [17:39]
ben_vulpes: anyways i have a girthy sql to wrestle and http://logs.bvulpes.com/trilema?d=2018-3-23#317862 [17:40]
mimisbrunnr: Logged on 2018-03-23 04:08 douchebag: Okay, why do you guys liek arguing so much? Is this why you guys don't get anything done? [17:40]
asciilifeform: neh that's not 'premixed in the tank' lol [17:40]
asciilifeform: that's mixed in nozzle. [17:40]
asciilifeform: but aite. [17:40]
ben_vulpes: bang gas is then a pressure-drop triggered combustion? [17:40]
ben_vulpes: yeah i can't this thread anymore, too damn seductive. [17:40]
spyked: http://btcbase.org/log/2018-04-12#1797811 <-- been there. and the kernel is not monstrous (paper: http://www.cs.ru.nl/~freek/courses/tt-2012/papers/sadhana.pdf -- funfact: a bastard version of mccarthy's "maxwell equations" lies buried somewhere in there), but attempting to use it to solve even simple problems from 7th grade mathbook can lead to huge codebase. and will inevitably bring the computer-aided mathematician to an existential [17:43]
a111: Logged on 2018-04-12 20:52 asciilifeform: http://btcbase.org/log/2018-04-12#1797799 << if this looks monstrous, prepare to barf when you consider how much the ~verifier~ weighs [17:43]
spyked: crisis. [17:43]
asciilifeform: spyked: sorta how it is ~impossible to write a prolog proggy without several times ending up asking machine np-hard question. [17:43]
asciilifeform: spyked: i dun have anything against mechanical proof per se but it is NOT a substitute for fits-in-head, because there is nor cannot be any such substitute. and the mass of the theorem-verifier is to be included with the mass of the program, for the purpose of 'is this head-fittable'. but possibly i repeat old thread. [17:44]
deedbot: http://qntra.net/2018/04/wwiii-continues-waiting/ << Qntra - WWIII Continues Waiting [17:48]
spyked: http://btcbase.org/log/2018-04-12#1797815 <-- must confess that I am eager to read FFA spark. [17:57]
a111: Logged on 2018-04-12 20:55 asciilifeform: ada's spark is a similar, if somewhat uglier/bulkier, thing [17:57]
asciilifeform: spyked: it'll happen. tho i am aiming for folx to end up answering 'this did not need sparkism, it is evidently correct to naked eyes' [17:59]
asciilifeform: !!up saturn_ [18:06]
deedbot: saturn_ voiced for 30 minutes. [18:06]
saturn_: heyyy [18:06]
saturn_: i did not get my bitcoins yet xc [18:07]
asciilifeform: ^ trinque ? [18:07]
asciilifeform: saturn_: iirc he processes withdrawals nightly [18:08]
saturn_: okidokie cx [18:08]
trinque: saturn_: http://btcbase.org/log/2018-04-12#1796948 [18:26]
a111: Logged on 2018-04-12 07:03 trinque will get to these tomorrow, girls [18:26]
saturn_: ty!!!! [18:28]
douchebag: alright bois [19:58]
douchebag: crackin a cold 1 [19:58]
zx2c4: mircea_popescu: asciilifeform: http://btcbase.org/log/2018-04-12#1797528 http://btcbase.org/log/2018-04-12#1797506 -- in case you're interested in the ecc stuff more, the formally verified fiat and hacl implementations are not the only ones we have. we also have constant time accelerated x86 adx and bmi2 implementations https://git.zx2c4.com/WireGuard/tree/src/crypto/curve25519-x86_64.h and also constant time accelerated arm neon implementations [20:42]
a111: Logged on 2018-04-12 18:00 asciilifeform: it resembles 'nano ecc' which at 1 point asciilifeform tried to port to trb [20:42]
a111: Logged on 2018-04-12 17:53 mircea_popescu: http://btcbase.org/log/2018-04-12#1797053 << should be interesting once spyked wakes up lel. [20:42]
zx2c4: https://git.zx2c4.com/WireGuard/tree/src/crypto/curve25519-arm.S [20:42]
zx2c4: mircea_popescu: http://btcbase.org/log/2018-04-12#1797532 why stronger than i realize? [20:42]
a111: Logged on 2018-04-12 18:06 mircea_popescu: http://btcbase.org/log/2018-04-12#1797132 << this counterstructure argument is actually quite strong may indeed be stronger than the proponent realizes. [20:42]
zx2c4: asciilifeform: http://btcbase.org/log/2018-04-12#1797596 obviously aes has quite a bit of structure too, but there's a difference [20:42]
a111: Logged on 2018-04-12 18:35 asciilifeform: http://btcbase.org/log/2018-04-12#1797532 << as far as i can tell the 'rsa has structure! but aes, surely not' is instance of minsky's empty room ( http://btcbase.org/log/2014-11-13#920444 ) [20:42]
zx2c4: asciilifeform: http://btcbase.org/log/2018-04-12#1797645 it's based on chacha but was actually developed by aumasson and co [20:42]
a111: Logged on 2018-04-12 18:48 asciilifeform: mircea_popescu: blake2 is bernstein's hash ( consists of a slightly modified chacha, his symmetric algo ) [20:42]
zx2c4: spyked: http://btcbase.org/log/2018-04-12#1797801 tamarin (and cryptoverif and proverif) spit out the proof too. tamarin has a nice mode that will draw diagrams and flow charts too to make it easier to digest the proofs. people even have scripts to convert the output into latex in case you want an academic paper for free... [20:42]
a111: Logged on 2018-04-12 20:20 spyked: zx2c4, I've been looking over the tamarin protocol verification paper and I'm curious, what does "symbolic verification" mean? also, what's the thing's output? is it just a "yes, properties hold" or does it also output the proof? [20:42]
lobbes: been thinking through tickerbot design, and seems like the sane thing would be to have Process A (which is an instance of logbot-genesis with "logbot-multiple-channels-corrected" patch) running that makes changes to a postgresql database. [21:52]
lobbes: Then I have Process B that is triggered on changes to that database doing the various "market price" retrieval and volume averaging. Process B inserts retrieved data into database and Process A responds accordingly [21:52]
lobbes: technical design aside though, there's still that obvious fact that we have to rely on various $mtgoxes for market price :/ Though I'm not sure what be a better source for a fiat-btc exchange rate (iirc this was a mini-thread somewhere in logs) [22:03]
trinque: kittycollector and sashahsas, you used the same address. someone is lazy. [22:06]
mircea_popescu: lmao [22:12]
mircea_popescu: !!up TrixxC [22:12]
deedbot: TrixxC voiced for 30 minutes. [22:12]
mircea_popescu: zx2c4 specifically for the "empty room" problem he brought up. do you follow the logic there ? [22:13]
mircea_popescu: http://btcbase.org/log/2018-04-12#1797734 << hey. he has a point there, if you're gonna bilk it gotta bilk it. [22:17]
a111: Logged on 2018-04-12 19:42 avgjoe: no, it's a easy/fake study to have more spare time keeping government grants [22:17]
mircea_popescu: http://btcbase.org/log/2018-04-12#1797781 << aww, dese women in tech. [22:19]
a111: Logged on 2018-04-12 20:01 deedbot: ben_vulpes unrated princessnell. [22:19]
mircea_popescu: btw, does it occur to anyone else that #trilema is way ahead of i dunno, black-chicks-code or whatever other imperial nonsense in terms of both headcount, volume or value of female participation in techgeneering ? [22:20]
mircea_popescu: http://btcbase.org/log/2018-04-12#1797803 << very much recall http://btcbase.org/log/2014-02-26#532413 [22:22]
a111: Logged on 2018-04-12 20:48 asciilifeform: spyked: if you recall, back in the 'minsky age', that was the initial attraction of mechanical 'reasoners' -- discovery of ~simple~ inferences [22:22]
a111: Logged on 2014-02-26 14:52 mircea_popescu: they let it run overnight, among the conclusions it had arrived to by morning was "napoleon had an infinite number of arms" [22:22]
mircea_popescu: http://btcbase.org/log/2018-04-12#1797814 << this'd be the one extra item vtronics might eventually get, if this ever comes to exist in a proper sense. [22:23]
a111: Logged on 2018-04-12 20:55 asciilifeform: spyked: in re proof machines, i'm much moar interested in items like ACL2 , where you can affix your hand-written program to a hand-written proof of correctness in a mechanically-reliable way [22:23]
mircea_popescu: http://btcbase.org/log/2018-04-12#1797868 << quite; but this is not unrelated, momentum = mv. and v has a T component. [22:26]
a111: Logged on 2018-04-12 21:29 jurov: i think the vortex sorts particles by momentum, not necessarily by temperature [22:26]
mircea_popescu: http://btcbase.org/log/2018-04-12#1797879 << well, it does suggest the solution to the cold fusion problem : MAKE THE ITEM MOVE WITH ROCKET!!1 [22:27]
a111: Logged on 2018-04-12 21:38 asciilifeform: whether it is possible to create this condition mechanically, purely from result of vehicle's motion -- i do not know [22:27]
mircea_popescu: http://btcbase.org/log/2018-04-13#1797925 << defo publish all this, then. or is it published already ? [22:30]
a111: Logged on 2018-04-13 00:42 zx2c4: spyked: http://btcbase.org/log/2018-04-12#1797801 tamarin (and cryptoverif and proverif) spit out the proof too. tamarin has a nice mode that will draw diagrams and flow charts too to make it easier to digest the proofs. people even have scripts to convert the output into latex in case you want an academic paper for free... [22:30]
mircea_popescu: !!up fmlrenln [23:24]
deedbot: fmlrenln voiced for 30 minutes. [23:24]
douchebag: !!up tittybang [23:51]
deedbot: tittybang voiced for 30 minutes. [23:51]
tittybang: hey [23:51]
tittybang: titties ? [23:51]
mircea_popescu: lol aite. [23:51]
tittybang: !!register http://p.bvulpes.com/pastes/Cochh/?raw=true [23:51]
deedbot: 557D9486765678B52BA698560040F7B6EE331885 registered as tittybang. [23:51]
mircea_popescu: 51fd3dda [23:52]
mircea_popescu: !!up vdstzt [23:53]
deedbot: vdstzt voiced for 30 minutes. [23:53]
———
  1. Symbolic representation of Mother Goddess / Great Inca / USG's State Corporations has been removed. []
  2. Symbolic representation of Mother Goddess / Great Inca / USG's State Corporations has been removed. []
  3. Symbolic representation of Mother Goddess / Great Inca / USG's State Corporations has been removed. []
  4. Symbolic representation of Mother Goddess / Great Inca / USG's State Corporations has been removed. []